Erica’s CWNA Study Sheet 6/6/06
ESN ID 20401-060606-121147-91
• 802.3af POE
o DTE (Data Terminal Equipment) power delivered via the MDI (Media Dependent Interface)
o End span – active Ethernet Switch
o Mid span – multi-port injector that sits between a non PoE switch and one or more PoE devices
o A large number of 802.3af-compliant VoIP phones attached to the same Ethernet switch can adversely affect the proper operation
of the APs
• 802.11
o Original IEEE standard covering DSSS, FHSS, and Infrared wireless LANs.
o 802.11 networks operate at 1 to 2 Mbps in the 2.4 GHz ISM band
o Minimum transmit power should be no less than 0 dBm (DSSS)
o 30MHz between frequencies of non overlapping DSSS Channels
o ad hoc mode
o infrastructure mode
o A Basic data rate and an enhanced data rate are specified for the 802.11 DSSS physical layer (DSSS)
o Values a wireless client uses to select the best AP with which to associate
 Received signal strength indicator (RSSI)
 Signal-to-noise ratio (SNR)
o Deauthentication frames are not authenticated
o No AAA (authentication, authorization and accounting) support
o NA and Europe 2.402-2.480 GHz
o Also 5.15-5.25 GHz UNII
o IBSS in DCF mode
• 802.11a
o 6, 9, 12, 18, 24, 36, 48, and 54 Mbps DSSS in the 5 GHz UNII bands.
o Use OFDM Modulation
o Centers 20 MHz apart in the UNII bands
• 802.11b
o aka Wi-Fi
o 1, 2, 5.5, and 11 Mbps wireless networks using DSSS in the 2.4 GHz ISM band
o modulation:
 1 Mbps (DBPSK)
 2 Mbps (DQPSK)
 5.5 Mbps (DQPSK)
 11 Mbps (DQPSK)
o Client Utilities
 Site Survey Utility
 Signal Strength meter
 User profile config tool
o Controls the use of the RF medium for a period of time using RTS/CTS
• 802.11e
o Enhancement to 802.11 that includes quality of service (QOS) features
o Facilitates prioritization of data, voice, and video transmissions
• 802.11f
o Specifies methodologies for seamless roaming between access points
• 802.11g
o Emerging standard that offers 802.11a speeds in the 2.4 GHz ISM band and is compatible with 802.11b equipment.
o ERP-OFDM
o It is managed by TGg
o extension of 802.11b
o Extends the maximum data rate of WLAN devices that operate in the 2.4 GHz band, in a fashion that permits interoperation with 802.11b
devices
o Operates at up to 54 megabits per second (Mbps), with fall-back speeds that include the "b" speeds
o States that 25MHz separation is required between the center frequencies of non overlapping ERP Channels
o Passes
 Time sync info
 Capabilities
 Spread Spectrum Parameter Set info
• 802.11h
o Enhancement to 802.11a that resolves interference issues
o Dynamic frequency selection (DFS)
o Transmit power control (TPC)
• 802.11i
o Enhancement to 802.11 that offers additional security for WLAN applications
o Defines more robust encryption, authentication, and key exchange, as well as options for key caching and pre-authentication
o EAP Authentication - type is user configurable for 802.11i- compliant wireless LAN Client devices
o CCMP/AES
o WPA2-Enterprise
• 802.15
o WPAN Communications specification that was approved in early 2002 by the IEEE for wireless personal area networks (WPANs).
• 802.15.1
o Bluetooth Short range (10m) wireless technology for cordless mouse, keyboard, and hands-free headset at 2.4 GHz.
• 802.15.4
o Zigbee Short range wireless sensor networks
• 2.4000-2.4835 GHz – the specified frequency range for data transmission in the 2.4GHz ISM Band
• When 802.11b devices are present in an 802.11g BSS, the use of DSSS will diminish network throughput significantly over a purely OFDM environment
• An 802.11g system supporting only the data rates required by the 802.11g amendment can interoperate with 802.11 devices
• Bluetooth - FHSS technology sponsored by 802.15. Uses the entire 2.4GHz ISM band at very low power for personal area networking. Not
compatible with and can interfere with 802.11b and 802.11g.
• HomeRF –
o FHSS in the 2.4GHz ISM band provides up to 10 Mbps connections.
o Its very low power output limits its range
o Operates at a maximum of 5 MHz wide carrier frequencies, minimum of 15 hops and a maximum of 125mW of output power.
o SWAP specification developed by the HomeRF Working Group for wireless voice and data networking at home
o frequency hopping
o has a range of up to 150 feet / 45.7 meters
• Access Point
o a half-duplex device with intelligence equivalent to that of a sophisticated Ethernet switch
o operate in
 root mode
 bridge mode - clients do not associate with bridges. Used to link two or more wired network segments together
 repeater mode
o Protocol and MAC filtering can be included
o Configuration and management of APs include
 console
 telnet
 USB
 built-in web server
 custom configuration and management software
o Can be programmed with a MAC address Access Control List that permits only a specific group of stations to associate with the access point.
• Wireless bridges
o half duplex devices capable of layer two wireless connectivity
o Wireless workgroup bridges are seen as a single client device. It is capable of aggregating multiple wired LAN client devices into one collective
WLAN client.
• Gain
o An increase in amplitude obtained either by boosting the power (amplifier) or focusing the power
o indicates an increase in the amplitude of an RF signal caused by an external source
o Narrowing or focusing antenna beams increase antenna gain
o Measured in decibels +dBi
o Increasing the effective signal strength by focusing energy.
o Passive Gain - Focusing the antenna lobe in a desired direction causes an increase in the distance a propagated RF wave will travel
o GAIN of 10 dB will yield power ratio 10:1
o Range increases as the gain of an antenna is increased
• Loss - Decrease in amplitude experienced either by reducing the power (attenuator) or by introducing splitters, long cables, etc. Measured in decibels.
• Reflection –
o A radio signal bounces off a smooth or coated surface and changes direction.
o Direct signal will be attenuated and distorted if the indirect signal arrives at the receiver 90 degrees out of phase
• Refraction - A radio signal passes through an object, but exits at an angle different from when it entered the object.
• Diffraction - A radio signal passing around an object - a change in the direction and intensity of radio waves striking a fixed obstacle and the bending
of the waves around that obstacle
• Scattering - A single radio signal is broken up into multiple signals, each usually traveling in several new directions and being out of phase to the
original signal.
• Signal Strength Ratio - measurable ability to resist radio frequency interference
• Voltage Standing Wave Ratio (VSWR)
o Backpressure in the electrical circuit, and is often caused by antennae, cable or connectors of differing impedance.
o in 802.11a WLAN caused by Mismatched impedance between devices in series with the main RF signal
o Can Cause
 Transmitter burnout
 Decrease RF signal amplitude at the receiver
o 1:1 - value that indicates a perfect impedance match between an antenna and the attached cable
• Amplification - Boosting of signal strength actively, by using a booster (amplifier), or passively, by using a high-gain antenna.
• Attenuation
o Reducing of a signal actively by using a resistor (attenuator), or passively/unintentionally, by using longer cables or splitters
o an amplitude reduction in the signal
• Visual LOS - Visual Line of Sight - from point A to point B there are no objects such as walls, buildings, trees, mountains, etc. blocking your view.
• RF LOS - Radio Frequency Line of Sight - from point A to point B there are no objects such as walls, buildings, trees, mountains, etc. blocking your
radio signal. Can receive a signal at point A from point B and vice versa. VLOS does not guarantee RF LOS, as radio waves will travel in a larger path.
• Earth bulge should be considered when planning paths over 7 miles
• Principle of RF propagation and communication - if low RF signal strength is indicated, signal quality may be high enough for good communication
o Factors affecting:
 Antenna Gain
 Fresnel zone blockage
• The Fresnel Zone
o Name of the area surrounding a transmitted RF beam after it leaves an antenna
o Elliptical path of radio frequencies that must be reasonably free of obstructions for RF LOS to exist.
o Any object that is within the Fresnel Zone may attenuate, reflect, refract, or scatter the radio signal, depending on the object and how far into
the Fresnel Zone it is.
o must be at least 60% clear of obstructions for a 2.4 GHz RF link at a distance of 5 miles
o determine the diameter of the first Fresnel Zone for a wireless LAN link
 Frequency of the transmission
 Distance between the antennas
• E plane polarization - an RF wave's orientation as it leaves the antenna element
• Intentional Radiator
o All equipment, including the access point, connectors, cabling, etc. from the transmitter through the point at which you connect an antenna.
o First point where you must measure output power to ensure compliance with FCC regulations found in Part 47, Ch 1, Section 15.247
• EIRP - Effective / Equivalent Isotropic Radiated Power
o Measurement of radio signal power as it leaves the antenna.
o Second point where you must measure output power to ensure compliance with FCC regulations found in Part 47, Ch 1, Section 15.247
o Power supplied to the antenna plus antenna gain
• Wave propagation - Process of transmitting or conducting energy
• Watt - The basic unit of power, equal to one ampere of current at one volt.
• Milliwatt
o One one-thousandth of a watt measurement units for a calculable amount of power
o Used to describe a calculable power quantity
o 1mW = 0dBm
• Decibel (dB)
o Relative measurement of power based on the logarithm of absolute power
o used to represent radio power because of the exceptionally small numbers
o Based on a reference point of 1 Watt.
o relative changes in power levels
o LOSS of 3 dB = 1:2 power ratio
• dBm –
o Decibels referenced to 1 Milliwatt
o Used to describe a calculable power quantity
o 0 dBm = 1mW
o 1W=30dBm in RF power
o 100 mW = +20dBm
• dBi –
o Decibels referenced to an isotropic radiator (an antenna of 0 gain/loss).
o relative changes in power levels
o Antenna dissipative LOSS is denoted by use of -dBi measurement units
• Power conversion formula is P_dBm = 10 * log10(P_mW)
• The relationships between logs and watts in multiples of 3 and 10 (every doubling adds 3 dB, every factor of ten adds 10 dB)
o 1 mW = 0 dBm
o 2 mW = 3 dBm
o 4 mW = 6 dBm
o 8 mW = 9 dBm
o 10 mW = 10 dBm
o 100 mW = 20 dBm
o 1 W = 30 dBm
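The dBm/mW conversion, the rule of 3s and 10s, the Intentional Radiator and EIRP points, and the 60% Fresnel zone clearance rule above, worked through in code. This is an added example, not part of the study sheet; the link figures (100 mW radio, 3 dB cable loss, 6 dBi antenna, 5 mile 2.4 GHz path) are constructed, and the midpoint Fresnel radius formula is standard RF engineering that the sheet only alludes to.

```python
import math

# Added example: RF power arithmetic from the dBm/mW notes above.
# All link figures used below are constructed, not FCC limits.


def mw_to_dbm(p_mw: float) -> float:
    """P_dBm = 10 * log10(P_mW); 1 mW -> 0 dBm, 100 mW -> 20 dBm."""
    return 10 * math.log10(p_mw)


def dbm_to_mw(p_dbm: float) -> float:
    """Inverse conversion: P_mW = 10 ** (P_dBm / 10); 30 dBm -> 1000 mW (1 W)."""
    return 10 ** (p_dbm / 10)


def approx_dbm_3s_and_10s(p_mw: int) -> int:
    """Mental-math estimate using only the rule of 3s and 10s:
    x2 adds 3 dB, x10 adds 10 dB, and /2 subtracts 3 dB (so 5 = 10/2).
    Works for any milliwatt value that factors into 2s, 5s and 10s."""
    if p_mw <= 0:
        raise ValueError("power must be positive")
    n, twos, tens = p_mw, 0, 0
    while n % 10 == 0:          # each factor of 10 -> +10 dB
        n //= 10
        tens += 1
    while n % 5 == 0:           # 5 = 10 / 2 -> +10 dB - 3 dB
        n //= 5
        tens += 1
        twos -= 1
    while n % 2 == 0:           # each doubling -> +3 dB
        n //= 2
        twos += 1
    if n != 1:
        raise ValueError(f"{p_mw} mW is not a product of 2s, 5s and 10s")
    return 3 * twos + 10 * tens


def ir_power_dbm(tx_power_dbm: float, cable_loss_db: float) -> float:
    """Power at the Intentional Radiator: the point where the antenna connects,
    i.e. transmitter output minus everything lost in cables and connectors."""
    return tx_power_dbm - cable_loss_db


def eirp_dbm(tx_power_dbm: float, cable_loss_db: float, antenna_gain_dbi: float) -> float:
    """EIRP = power supplied to the antenna plus antenna gain (all in dB terms)."""
    return ir_power_dbm(tx_power_dbm, cable_loss_db) + antenna_gain_dbi


def first_fresnel_radius_m(distance_km: float, freq_ghz: float) -> float:
    """Radius of the first Fresnel zone at the midpoint of the link.
    Standard formula (assumption, not from the sheet): r = 17.32 * sqrt(d_km / (4 * f_GHz))."""
    return 17.32 * math.sqrt(distance_km / (4 * freq_ghz))


def required_clearance_m(distance_km: float, freq_ghz: float, clear_fraction: float = 0.6) -> float:
    """Obstruction-free radius needed to satisfy the sheet's 60% clearance rule."""
    return clear_fraction * first_fresnel_radius_m(distance_km, freq_ghz)


def link_summary(tx_power_mw: float, cable_loss_db: float, antenna_gain_dbi: float,
                 distance_miles: float, freq_ghz: float) -> dict:
    """Both FCC measurement points (IR and EIRP) plus the Fresnel clearance for one link."""
    tx_dbm = mw_to_dbm(tx_power_mw)
    eirp = eirp_dbm(tx_dbm, cable_loss_db, antenna_gain_dbi)
    d_km = distance_miles * 1.609344
    return {
        "tx_dbm": round(tx_dbm, 2),
        "ir_dbm": round(ir_power_dbm(tx_dbm, cable_loss_db), 2),
        "eirp_dbm": round(eirp, 2),
        "eirp_mw": round(dbm_to_mw(eirp), 1),
        "fresnel_radius_m": round(first_fresnel_radius_m(d_km, freq_ghz), 2),
        "clearance_60pct_m": round(required_clearance_m(d_km, freq_ghz), 2),
    }


if __name__ == "__main__":
    # Constructed link: 100 mW radio, 3 dB of cable loss, 6 dBi antenna, 5 miles at 2.4 GHz.
    for key, value in link_summary(100, 3, 6, 5, 2.4).items():
        print(f"{key:>18}: {value}")
```

Adding cable (a larger `cable_loss_db`) lowers both the IR power and the EIRP, which is the effect the sheet describes for RF extension cables.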
• Wireless LANs
o Fulfill the access role on a network
o Physical area is usually constrained to a floor, a building, a workgroup area, or other area that could be serviced by other technologies such as
Ethernet.
o Most are DSSS (Direct Sequencing Spread Spectrum) and provide wireless clients access to one another or to traditional LAN based resources
such as servers, Internet access, etc.
o They operate in the 2.4GHz ISM (Industrial, Scientific, and Medical bands) spectrum or the 5 GHz UNII (Unlicensed National
Information Infrastructure bands) spectrum and are defined by IEEE 802.11 standards
o When installing an RF extension cable to an antenna in a wireless LAN
 area covered by the antenna will decrease
 Equivalent Isotropically Radiated Power (EIRP) will decrease
• Wireless PANs - Wireless Personal Area Networks –
o Used for small, short-range data transfers between devices such as PDA synchronizing to desktops, cordless headsets for telephones, etc.
o Most are Bluetooth FHSS networks operating in the 2.4GHz ISM spectrum and are defined by IEEE 802.15 standards
• Wireless WANs - Wireless Wide Area Networks
o Used to connect two or more LANs together using the same technology as Wireless LANs.
o Can provide as much or more speed than leased lines and for far less cost, when the proper conditions exist to permit their use
• Spread spectrum
o Wide bandwidth and low peak power.
o A signal is considered to be a spread spectrum signal when the bandwidth is much wider than what is required to send the information.
o reduced interference
• FHSS - Frequency Hopping Spread Spectrum
o Frequencies used vary over at least 83 MHz and each transmitting and receiving device must “hop” between frequencies on a predetermined
pattern.
o FCC says FHSS has a standard hop rate of 26 hops.
o For FHSS, the FCC mandates a dwell time of 400ms per carrier frequency in any 30 second time period
o Maximum output of FHSS is 125mW and a maximum of 5 MHz of carrier frequency bandwidth.
o Narrow band interference has very little effect on FHSS due to the hopping from frequency to frequency and the fact that the band is
83.5 MHz wide.
o FCC and IEEE 802.11 standard defines the useable portion of the 2.4 GHz ISM band as 83.5 MHz wide
o FHSS is very resistant to narrow-band interference
o Used by 802.11, Bluetooth, and other technologies, such as cordless phones.
• DSSS - Direct Sequencing Spread Spectrum –
o Frequencies used center on carrier frequencies, but modulate at different rate bit sequences to carry data.
o DSSS has a higher data rate and is used by 802.11, 802.11a, 802.11b, and 802.11g technologies.
o DSSS has channels 22 MHz wide and 1 MHz of carrier frequency.
o DSSS signal is more susceptible to narrow band interference.
o Used in LAWN transmission types
• OFDM - orthogonal frequency division multiplexing
o encoding scheme is used by 802.11a
o Reduces the amount of crosstalk in signal transmissions.
o transmissions in the lower U-NII Band are limited to 40mW
o 48 sub carriers are used as parallel symbol transmission paths
• Co-location
o Two or more access points within a small enough geographic area that potential interference could exist.
o May be necessary to provide sufficient coverage for wireless clients or sufficient bandwidth.
o May occur unintentionally when nearby WLANs belonging to others exist.
o Care must be taken to ensure that co-located access points are set up to minimize interference.
• Channels –
o Frequency range or pattern used to transmit and receive data
o Adjacent Channel Interference - Adjacent channels are side-by-side. Adjacent channels overlap because each channel is 22 MHz wide and
center frequencies are only 5 MHz apart. Coverage cells physically overlap and degrade throughput.
o APs on non-overlapping channels can still cause throughput degradation when
 The APs are too close
 Output Power on each AP is too high
 Antenna gain on AP is too high
o Co-channel Interference is the use of the same channel in a situation where coverage cells overlap. Need to move to a non-overlapping
channel (e.g. 1, 6 & 11).
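The channel arithmetic behind the adjacent-channel and co-channel notes above, as an added example that is not part of the study sheet: 2.4 GHz channel centers are 5 MHz apart starting at 2412 MHz, each channel is 22 MHz wide, and the sheet gives 25 MHz (ERP) and 30 MHz (original DSSS) as the separation for non-overlapping channels. The AP names and cell placements are constructed.

```python
# Added example: 2.4 GHz channel overlap checks for a site plan.
CHANNEL_WIDTH_MHZ = 22            # DSSS channel width from the sheet
US_CHANNELS = range(1, 12)        # 11 usable channels in the US
ALL_CHANNELS = range(1, 15)       # 14 channels defined for 802.11b


def center_freq_mhz(channel: int) -> int:
    """Center frequency: 2412 MHz for channel 1, then 5 MHz steps;
    channel 14 is the exception at 2484 MHz."""
    if channel == 14:
        return 2484
    if not 1 <= channel <= 13:
        raise ValueError(f"no such 2.4 GHz channel: {channel}")
    return 2412 + 5 * (channel - 1)


def spectral_overlap_mhz(a: int, b: int) -> int:
    """MHz shared by two 22 MHz wide channels (0 when their boxes do not touch).
    This box model ignores the spectral mask skirts, which is why the sheet
    still notes a little overlap between 1 and 6 in practice."""
    separation = abs(center_freq_mhz(a) - center_freq_mhz(b))
    return max(0, CHANNEL_WIDTH_MHZ - separation)


def non_overlapping_plan(channels, min_separation_mhz: int = 25) -> list:
    """Greedy pick of channels whose centers are at least min_separation apart.
    25 MHz (the sheet's ERP figure) yields 1/6/11 in the US; the original
    802.11 DSSS figure of 30 MHz yields only 1/7 from the US channel set."""
    plan = []
    for ch in channels:
        if all(abs(center_freq_mhz(ch) - center_freq_mhz(p)) >= min_separation_mhz
               for p in plan):
            plan.append(ch)
    return plan


def classify(a: int, b: int) -> str:
    """Co-channel: same channel. Adjacent-channel: different but overlapping."""
    if a == b:
        return "co-channel"
    if spectral_overlap_mhz(a, b) > 0:
        return "adjacent-channel"
    return "clear"


def plan_issues(aps: dict, cell_overlaps: list) -> list:
    """aps maps AP name -> channel; cell_overlaps lists pairs of AP names whose
    coverage cells physically overlap. Interference only matters where cells
    overlap, so only those pairs are checked."""
    issues = []
    for x, y in cell_overlaps:
        kind = classify(aps[x], aps[y])
        if kind != "clear":
            issues.append((x, y, kind, spectral_overlap_mhz(aps[x], aps[y])))
    return issues


if __name__ == "__main__":
    # Constructed co-location: three APs whose cells all overlap one another.
    aps = {"AP-A": 1, "AP-B": 1, "AP-C": 3}
    pairs = [("AP-A", "AP-B"), ("AP-A", "AP-C"), ("AP-B", "AP-C")]
    for issue in plan_issues(aps, pairs):
        print(issue)
    print("suggested US plan:", non_overlapping_plan(US_CHANNELS))
```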
• Dwell time
o Time slice a particular frequency is used.
o Longer dwell time can mean more throughput, but can also mean more susceptibility to interference
• Throughput - Actual data transfer rate in megabits per second (Mbps.)
• Hop time –
o Time slice between using one frequency and using the next.
o The shorter the hop time, the more throughput and the more expensive the radio transmitter.
• Pre 8/31/2000 - FHSS must use at least 75 of the allowed 79 channels, with a maximum power output of 1 Watt the IR. Maximum throughput
in this system is 2 Mbps.
• Post 8/31/2000 - FHSS must use only 15 hops where required, as long as the bandwidth of the channels used times the number of hops equals
75 MHz, but with a maximum power output of 125 mW at the IR. Maximum bandwidth in this system is 10 Mbps.
• 14 channels are available for 802.11b, 11 in the US in the 2.4 GHz ISM band. Each is 22 MHz wide.
• Three bands available for 802.11a in the 5 GHz UNII band.
o Low band – indoor 5.15 GHz to 5.25 GHz with a maximum power output of 50mW (IEEE says 40 mW),
o Middle band – indoors or outdoors at 5.25 GHz to 5.35 GHz with a maximum power output of 250mW (IEEE says 200 mW)
o High band - outdoors 5.725 GHz to 5.825 GHz with maximum power output of 1000mW or 1W (IEEE says 800 mW.) FCC Title 47
• Passive scanning - Using a wireless network sniffer to monitor data transmissions without actually attempting to associate or authenticate to the
network
• Active scanning - Broadcasting association requests to identify wireless networks
• Authentication
o Process used to begin wireless networking.
 A wireless client will request to exchange data with an access point.
 The access point can either permit or deny this request, or pass the request to an upstream authenticator like a RADIUS server
o EAP-TLS is certificate based authentication.
• Association - Process used to pass data to/from a wireless client through an access point
• Unauthenticated and unassociated - Initial state of a wireless client
• Authenticated and unassociated - Wireless client has successfully authenticated to an access point, but is not yet associated and therefore
cannot send or receive data
• Deauthentication
o Is a notification, not a request
o May be invoked by a station or access point
• Reassociation
o AP transmits a reassociation response frame to the client with a status code
o Reassociation service informs the distribution system that an association is moving
• 4 way handshake is RTS/CTS/DATA/ACK
• Open system authentication
o The default authentication method specified by the IEEE, which uses a null authentication process.
o Any client can associate with any access point as long as the SSID is correct or “ANY” SSID is accepted
o Default authentication method used by WEP
• Shared key authentication - WEP (Wired Equivalent Privacy) keys are used in a Challenge/Response scenario to allow or deny authentication
• Secret keys and certificates
o Secret keys are WEP keys.
o Certificates usually refer to PKI based certificates. EAP-TLS is certificate based authentication.
o Both must be configured on the client and the access point in advance
• AAA Support - Authentication, Authorization, and Accounting services 802.11i
• BSS - Basic Service Set
o Wireless network using an access point in infrastructure mode.
o BSS identifier is usually the MAC address of the access point
o Multiple clients, one AP, connected to a common distribution system.
o Wireless bandwidth is affected by
 Number of Active transmitting stations associated to the access point
 Distance from the access point to the most distant station
• ESS - Extended Service Set
o Wireless network in infrastructure mode using two or more access points that share access to the wired network.
o Two or more BSSs (Basic Service Sets) connected by a common distribution system.
• IBSS - Independent Basic Service Set is also called an ad-hoc network or peer-to-peer
o Has no AP or any other access to a distribution system.
o Must be a self-contained architecture
o Must not have a distribution system access available
o Can sleep
• Ad-hoc mode - No access point and all wireless clients communicate directly with one another as peers
• Infrastructure mode - The AP (Access Point) coordinates all communication between wireless clients and any other network entity, wired or wireless
• SSID - Service Set Identifier –
o “name” of the wireless network.
o broadcast by the access point in its beacons by default
o is a common network name for the devices in WLAN
o alphanumeric info field having a value of 0-32 octets
o disabling SSID broadcast does not help because
 any 802.11 analyzer can see SSID in clear text in frames other than beacons and probe response frames.
 Broadcasting the SSID in beacons and allowing APs to respond to probe request frames with null SSID fields allows authorized
users to easily find and connect to the wireless AP if they have the correct security credentials
• Roaming
o Moving wireless client disassociates itself from one access point and associates with another.
o Data flow is handed off between access points so that the user switches seamlessly.
• PSP Mode - Power Save Polling mode
o Wireless client “sleeps” for a short time, several times per second, to save power.
o Very important in order to extend battery life for portable clients
• CAM - Constantly Aware Mode
o Wireless client does not sleep
o Used when battery life is not an issue
• Beacons
o Broadcast
 Management frames (usually 10 times per second)
 Timing
 Channel
 SSID (not always)
 Capabilities
 Traffic maps (not always)
o They are found in both infrastructure and ad-hoc networks
• TIM - Traffic Indication Map - Used by access points in infrastructure networks to inform PSP clients of queued traffic.
• ATIM - Ad Hoc Traffic Indication Map - Used by clients in ad hoc networks to inform PSP clients of queued traffic
• ATIM Window - the time slice when PSP clients “wake up” to receive notification of queued traffic
• Difference between WLAN and Ethernet -
o both have the same data payload
o All Layer 3 protocols are supported by WLANs
o WLANs have more overhead and many more types of frames.
 Frame types include
• Probe
• Beacon
• Atim
• Authentication
• Association
• rts/cts
• ack
• psp
• cf
• DCF - Distributed Coordination Function - allows all clients to contend for access using CSMA/CA
• PCF
o Point Coordination Function - has the access point poll all clients for data communications.
 Used to provide quality of service
o When station and access point are in this mode, pollable stations are given medium access priority during the Contention Free Period (CFP)
o When a client station transmits a data frame that goes unacknowledged, the client station may retransmit the data frame during the next
contention period
• Interframe spacing - brief time interval when no transmissions occur.
• RTS/CTS –
o Used when a hidden node exists
o Used by an 802.11b AP to control use of the RF medium for a period of time
• Dynamic Rate Selection
o Clients use the maximum transfer rate available, based on capabilities of access point and signal strength.
o This is usually a function of distance.
o Clients can downgrade or upgrade as conditions mandate
• Modulation - Modulation consists of adding data to a carrier wave using frequency, phase, or amplitude changes
• Coding - Using multiple changes in modulation to represent bits of data.
o 802.11 DSSS uses Barker Code for 1 and 2 Mbps, and CCK (Complementary Code Keying) for 5.5 and 11 Mbps.
o 802.11 FHSS uses Barker Code.
o 802.11a uses OFDM (Orthogonal Frequency Division Multiplexing)
• Data access role - These roles are suitable for wireless LAN technology: wireless clients, laptops, PDAs, inventory scanners, etc.
• Wireless bridging
o Extension of existing networks into remote locations
o Building-to-building connectivity
• Last mile data delivery - Wireless Internet Service Providers (WISPs)
• SOHO - Home Wireless Gateways
o Mobile office, classroom, industrial, and healthcare - Examples include: making medical records available to handheld devices, providing
portable or temporary classrooms, performing inventory, setting up field offices, etc
• PCMCIA cards - Bus speed is 33MHz
o Type I is 3.3mm thick.
o Type II is 5mm thick.
o Type III is 10.5mm thick
• USB 1 - maximum throughput of 12 Mbps
• USB 2 - maximum throughput of 480 Mbps
• Residential gateways - These usually provide NAT, DHCP, DNS. They usually also have a small Ethernet switch built in and are good for sharing a
public IP for both wireless and wired clients
• Enterprise gateways - Provides support for larger numbers of clients. Typically these are configured to hand off authentication to RADIUS
o Enterprise gateways and LAN Switch
 Support
• Role Based Policy Enforcement
• 802.1x EAP-TTLS
• Bandwidth Management
 L2TP/IPSEC
 802.1x/EAP-TLS
• Antennas
o Frequency Range in MHz
o Impedance in Ohms
o VSWR Rating
o Polarization
o Omni-directional/dipole –
 Equally sensitive in all directions, transmitting and receiving in all directions.
 Good for APs or point-to-multipoint setups
 the HORIZONTAL beam width is 360 degrees
o Semi-directional - more focus is given to one direction, providing more sensitivity and distance in that direction. Well suited for situations
where you need to provide service in all directions, but in one particular direction distance or interference requires a stronger signal.
 Yagi
 Patch
 panel
o High-gain - The sensitivity is concentrated in one direction or plane, providing better connectivity at the expense of other directions or at the
expense of directions above and below the antenna
o Antenna technologies are used to help eliminate null areas of RF coverage within a facility
 Antenna Diversity
 Multiple Input/Multiple Output
o Compared to an omni-directional antenna, diffraction is higher for an antenna with narrow beam widths
• Polarization
o Effect of a sending antenna and a receiving antenna being in the same or different plane.
o Determines the orientation of an RF wave as it leaves the antenna element
o There are
 Vertically polarized antennae
 Horizontally polarized antennae
 Circularly polarized antennae.
o Sender and the receiver use the same polarization to maximize reception.
o Sender using vertical polarization and a receiver using horizontal polarization are said to be 90 degrees out of phase. This results in a
3dB signal loss, effectively reducing the power by 50%.
• Beam width - The field of view of an antenna’s signal. Usually measured in degrees, from the point of 3dB signal loss on one side of the maximum
focus to the point of 3dB signal loss on the other side
o Wider beam width antennas do not have to be as accurately oriented, but they are not as sensitive a receiver and cannot transmit as far.
o Narrow beam width antennas must be more accurately oriented, but are more sensitive and have a higher gain.
o Calculated by the -3dB from the center axis both horizontally and vertically
• Free-Space path loss - The attenuation of a signal over distance. Higher gain antennae overcome this by focusing the energy to travel further before
the loss becomes so great as to prevent reception
• Power over Ethernet (POE) devices - All POE devices use wire pairs in CAT5 cable that are not used by the Ethernet protocol. No standard across
vendors
• Amplifiers
o Used to increase a signal’s strength, usually to overcome loss introduced by longer cable runs between the transceiver and antenna
o Care must be taken to ensure that EIRP remains within FCC regulations
• Attenuators
o Used to decrease a signal’s strength so that it remains within FCC guidelines.
o Used when an AP’s power output cannot be reduced, and the use of a high gain antenna may exceed power output restrictions or desired
coverage area
• Lightning Arrestors
o Need for a good ground
o Use ionized gas to provide the ground
o usually sacrificial
o protect from Induced AC and DC
• RF splitters – Used to split signals between antennae, but with an accompanying loss of signal strength
• Multipath
o Signal reflects and arrives from more than one apparent source, and not in phase.
o Delay Spread
o Use antenna diversity and MIMO to compensate for this situation.
o Effect of a Multipath signal is downfade, upfade, corruption, or nulling
o As a Multipath signal will arrive in different phases, a single antenna will experience interference.
o Dual antennae can detect the time shift and focus on the stronger signal, ignoring the weaker, out of phase signal
• Hidden node –
o Use RTS/CTS since nodes cannot hear one another, and thus CSMA/CA wouldn’t work.
o Caused by interfering obstacles between client stations
• Near-Far - Transmitter nearby may drown out a signal from a more distant station
• RF interference
o is the problem that plagues wireless LAN deployments the most
o Narrow band versus wide band and Signal to Noise ratio
o Microwave ovens produce the most significant RF interference to your wireless LAN
• All-band interference –
o To deal with this
 Eliminate the source of the interference
 Transmit a stronger signal than source of the interference
 Use a different band
• System throughput
o Affected by signal strength, the number of stations, collocation, and protocols in use.
o Usually half (or less) of the theoretical; i.e., an 11 Mbps rated connection provides about 5 Mbps actual throughput.
o Affected by WEP, and is consumed by Acks
• Co-location throughput - No overlapping channels means that with DSSS, only 1, 6, and 11 of the eleven channels should be collocated. There is
some overlap between channels 1 and 6, and between channels 6 and 11
• Weather - Watch for
o thermal inversion zones
o high humidity
o dense fog
o wind
• A good site survey can guarantee client performance and save money. On the other hand, a poor or non-existent site survey may lead to a failed
WLAN and result in wasting money on unnecessary hardware. You must identify business requirements, client types, radio coverage and propagation
patterns, security requirements, budgets, etc
o site survey allows you to have a good idea of the number and location of access points necessary to provide adequate coverage and
performance for your users
o Obtaining terrain elevation maps and aerial photos
o Determining antenna heights
o Identifying possible reflections points
o Gathering business requirements - You need to quantify the number of clients, the nature of their network usage
o Interviewing management and users - Use a written questionnaire or survey to identify bandwidth, applications roaming, coverage areas, etc
o Defining security requirements - This should include the level of encryption, authentication, etc
o Site-specific documentation - Documents could include blue prints, physical security requirements, the availability of power, the need for
escort, etc
o Documenting existing network characteristics - Develop the following: network diagrams, bandwidth reports, a listing of available switch ports,
etc
o Wireless LAN equipment - At minimum, include an AP and provide the client with site survey tools, and maps or blueprints of building
o Measurement tools - Some valuable tools are: a frequency analyzer, a wireless network sniffer, some external antennae, and others
o Documentation - This entails material such as: blue prints of building with areas marked to show desired coverage, and authorization papers
to access restricted areas or wiring closets
o Non-RF information - Determine items such as client expectations, the type of users requiring wireless access security requirements, etc
o Permits and zoning requirements - Determine what is necessary in the area. Pay special attention when running low voltage wiring through
walls or in the ceiling, as electrical codes may apply.
o Outdoor considerations - Ensure proper grounding, weather proofing, lightning protection, etc.
o RF related information - Analyze sources of interference, and other wireless implementations in the vicinity
o Interference sources - Know about other wireless implementations such as 2.4 GHz cordless phones, microwaves (ovens or WAN links!),
wireless cameras and alarm systems.
o Connectivity and power requirements - Research sources for AC power, Ethernet connectivity, etc
o Requirements - These include the type and number of access points client devices, antennae, etc
o Methodology - Ensure a full and complete coverage of the area, scan for intermittent interference sources at several times during the day,
map out areas lacking coverage, and note the signal strength of the areas covered
o Measurements - Measure the following: signal to noise ratio, and signal strength. Perform bandwidth throughput testing
o Security - Include recommendations for physical security, steps to prevent unauthorized access, and standards for data encryption
o Graphical documentation - Color code maps or blueprints when possible, including proposed locations for access point installations.
o When performing an 802.11b site survey in a multi-tenant building with ten (10) floors, a Site Surveyor should keep in mind
 The channel reuse pattern should be three dimensional, with the RF cell of each access point extending coverage to
only one floor above and one floor below.
 Placing access points directly above and below each other from floor-to-floor typically causes co-channel and/or
adjacent channel interference
o Mark Dead Spots on a blueprint or floor plan
o Interference sources in a hospital
 Metal Mesh Glass
 Elevator Shafts
o Warehouse
 Facility floor plan showing wiring closets
 Forklifts for temporarily placing APs during the survey
o VOIP
 End user roaming requirements
 User specific throughput requirements and AP capacity info
• WEP
o Security protocol defined in 802.11b
o Uses Data Link and Physical Layers of OSI
o 24 bit initialization vector along with either a 40 bit or 104 bit shared secret.
o Initialization vector is sent in the clear, and an RC4 cipher is used to encrypt the challenge.
o WEP is vulnerable to cracking, as default keys from vendors are well known.
o Considered useful as a first line of defense for layered security or defense in depth
o Not as secure as once believed
o default authentication method - Open System Authentication
• AES
o Advanced Encryption Standard uses a 256 bit key length
o Extremely robust and considered by many to be “unbreakable,” but is not yet a standard
o It stores keys in a way that can be compromised by physical theft of client hardware
o 802.11i Unimplemented draft
o Supported by many manufacturers
o Addresses all the weaknesses in WEP, and is often called WEP2
o Rijndael algorithm chosen by Federal Information Processing Standard (FIPS)
• Filtering
o Allows only MAC addresses on the filter list to associate
o Cannot determine if an address is “spoofed.”
o Still considered useful as a first line of defense for layered security or defense in depth
• Emerging security techniques
o Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) using tokens
o RADIUS
o 802.1x
o Temporal Key Integrity Protocol (TKIP)
o Wireless DMZs
• Passive attacks (eavesdropping) - Passive sniffers are almost impossible to detect. WEPCrack is an example.
• Active attacks - Active attacks consist of connecting, probing, and configuring the network. NetStumbler is an example.
• Jamming attacks
o Entail attacking improperly configured access points, and other ISM or UNII equipment like telephones or cameras
o Jamming and interference have a lesser effect on spread spectrum communication than on narrow band communication.
• Man-in-the-middle attacks - Use an access point and a bridge to intercept and relay traffic, either recording or modifying the traffic.
• WEP key solutions –
o Rotating keys
o dynamic keys
o separate keys for data and management
• Wireless VPN - Most operating systems support PPTP; Windows 2000 and XP support IPSEC
• Key hopping - Changing of keys based on a predetermined schedule.
• Wireless gateways - Authenticate connections using RADIUS, much like RAS
o An enterprise wireless gateway is a device that can provide specialized authentication and connectivity for wireless clients.
• 802.1x and EAP - Add back end authentication options such as certificates, tokens etc
• Securing sensitive information
o SSIDs should not convey or imply anything having to do with the company
o ALL transmitted data should be encrypted (using not just WEP!)
o Access controls should be in place to prevent access to data by unauthorized parties
• Physical security
o Access points and antennae should be secured from theft.
o Client devices should be the responsibility of the user, with appropriate policies in place to discourage carelessness
• Inventory and audits - Implement a regular schedule to detect missing or rogue equipment
• Public networks - Users may access the corporate network from public hotspots. No unencrypted data or authentication protocols (Telnet, FTP,
POP3, et al) should be permitted. Personal firewalls and antivirus software must be in place and up to date
• Cell sizing - Reduce power at the access point to minimize the coverage area extending beyond the LAN’s physical boundaries
• Monitoring - Intrusion Detection Systems (IDS) to detect unauthorized access or probes
• User authentication - Roll out RADIUS or TACACS to further authenticate the user prior to permitting access to the network
• Wireless DMZ - Access points on an isolated subnet should not have to pass broadcasts from the internal network. PPTP or IPSEC can be used to
secure a VPN, so that all data will be encrypted
• FCC - Federal Communications Commission
o regulates the radiation rating
o Makes and enforces the regulations in the United States regarding communications
o Requires that communication equipment manufacturers use at least 75 frequencies per transmission channel
• IEEE - Institute of Electrical and Electronics Engineers - Sets standards in the United States for interoperability. Their standards usually are more
restrictive than FCC regulations
• WECA - Wireless Ethernet Compatibility Alliance
o A vendor sponsored group that tests and certifies equipment to be interoperable under the 802.11 specifications.
o The Wi-Fi brand and certification program for wireless LAN products is developed and managed by WECA
• WLANA - Wireless LAN Association –
o educational trade association for the wireless industry
o Industry sponsored group provides information and education on wireless networking
• IrDA - Infrared Data Association - An industry group relating to infrared communications. Most devices using infrared for small data transfers
(PDAs, laptops, etc.) use IrDA equipment instead of 802.11
• ETSI - European Telecommunications Standards Institute - comparable to the IEEE in that it handles communications standards in Europe
• Point to Multipoint in both 2.4 GHz ISM and 5 GHz upper UNII bands are limited to 4 Watts EIRP and 1 Watt at the IR by FCC regulations
• Point to Point uses a sliding scale, which provides for reducing power at the IR to compensate for higher gain antennae
• Infrared
o Uses infrared light, which cannot pass through walls, but can be reflected by them.
o Usually requires line of sight.
o maximum throughput is 4 Mbps
• Physical Carrier Sense functions by checking signal strength (RSSI)
• Virtual Carrier Sense is implemented through RTS/CTS
• Return Loss - An impedance mismatch between devices in the RF system can cause a high return loss in an RF transmission system
• Authentication occurs before association (a station must authenticate, then associate)
• RADIUS - Remote Authentication Dial-In User Service
o RADIUS authentication verifies against Native RADIUS, LDAP, NDS, Active Directory
• Pine trees are the easiest for RF to penetrate. Maple trees are the most difficult for RF to penetrate.
• The 2.4 GHz band is 2.4000 GHz to 2.5000 GHz with 2.4000 GHz to 2.4835 GHz used by ISM WLANS
• The 5 GHz UNII band is 3 different 100 MHz bands known as lower, middle and upper bands. Within each are four non-overlapping DSSS channels
separated by 5 MHz.
• Corporate security policy should cover items such as
o cell/sector size
o strong passwords
o strong WEP keys
o physical security
o use of advanced security solutions
o regular WLAN inventories.
• Corporate policy meetings should include
o Security risks and audits
o Gov regulations
o User productivity impact
• Valid ratings of computer radiation emission in the US
o Class B - least interference
o Class A
• SWAP
o operates in the 2400 MHz band
o 50 hops per second
• Interframe Space
o DIFS – Longest Interframe Space
o EIFS – Extended Interframe Space, used in 802.11 DCF mode when the acknowledgement frame is not received by the transmitter of the previous
unicast data frame
o PIFS – Used during Point Coordination Function
• RF signal attenuation - the negative effect experienced as the RF wave propagates through space and its wavefront undergoes natural expansion
• Free-Space Path loss - the RF signal amplitude degradation as the propagated wave moves through space
• when determining the link budget for a long-distance point-to-point wireless LAN link consider
o Antenna gain
o Transmitter power
o Free Space Path Loss
• WLAN splitter – dB is used to determine the insertion loss on wireless LAN splitters
• Insertion loss on wireless LAN splitters is measured in dB
• dBi, dB are measurements of relative power
• WLAN calculations: dBm to milliwatts
• Required to establish a high quality 2.4 GHz point-to-point RF link at a distance of 5 miles
o Accurate Link Budget calculations
o A Fresnel Zone that is at least 60% clear of obstructions
• Factors that affect the propagation distance of an RF signal
o Antenna gain
o Fresnel zone blockage
• Fade Margin – the amount of signal strength in addition to the link budget
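The link-budget bullets above (dBm/mW conversion, transmitter power, antenna gain, free-space path loss, the 60% Fresnel clearance, fade margin and the FCC IR/EIRP limits) worked through for the sheet's 5 mile 2.4 GHz point-to-point case. This is an added example, not the study sheet's own material; the radio power, antenna gains, cable losses and receiver sensitivity are constructed assumptions.

```python
"""Link-budget worksheet for a 2.4 GHz point-to-point WLAN link.

Added example, not from the study sheet. Every input is constructed:
a 5 mile hop on channel 6 (2437 MHz), 100 mW radios, 24 dBi dishes, 3 dB of
cable/connector loss at each end and an assumed receiver sensitivity of
-85 dBm.
"""
import math

MILE_KM = 1.609344


def mw_to_dbm(mw):
    """Power conversion from the sheet: PdBm = 10 * log10(P_mW)."""
    return 10 * math.log10(mw)


def dbm_to_mw(dbm):
    """Inverse conversion: P_mW = 10 ** (PdBm / 10)."""
    return 10 ** (dbm / 10)


def fspl_db(distance_km, freq_mhz):
    """Free-space path loss in dB for a path of distance_km at freq_mhz."""
    return 20 * math.log10(distance_km) + 20 * math.log10(freq_mhz) + 32.44


def fresnel_radius_m(distance_km, freq_ghz):
    """Radius (m) of the first Fresnel zone at the midpoint of the path.

    Depends only on frequency and distance; multiply by 0.6 to get the
    clearance the sheet requires for a 2.4 GHz link at 5 miles.
    """
    return 17.32 * math.sqrt(distance_km / (4 * freq_ghz))


def intentional_radiator_dbm(tx_dbm, cable_loss_db):
    """IR power is measured at the antenna connector, so cable loss counts."""
    return tx_dbm - cable_loss_db


def eirp_dbm(ir_dbm, antenna_gain_dbi):
    """EIRP = power supplied to the antenna plus antenna gain."""
    return ir_dbm + antenna_gain_dbi


def ptmp_compliant(ir_dbm, eirp):
    """FCC point-to-multipoint limits: 1 W (30 dBm) at the IR, 4 W (36 dBm) EIRP."""
    return ir_dbm <= 30 and eirp <= 36


def max_ptp_ir_dbm_2_4ghz(antenna_gain_dbi):
    """FCC 2.4 GHz point-to-point sliding scale (the 3:1 rule): for every
    3 dBi of antenna gain above 6 dBi, the IR must drop 1 dB below 30 dBm."""
    excess = max(0.0, antenna_gain_dbi - 6)
    return 30 - excess / 3


def received_dbm(tx_dbm, tx_cable_db, tx_gain_dbi, distance_km, freq_mhz,
                 rx_gain_dbi, rx_cable_db):
    """Link budget: transmitter power, antenna gains, cable losses and FSPL."""
    return (tx_dbm - tx_cable_db + tx_gain_dbi
            - fspl_db(distance_km, freq_mhz)
            + rx_gain_dbi - rx_cable_db)


def fade_margin_db(rx_dbm, rx_sensitivity_dbm):
    """Signal strength in hand beyond what the receiver needs."""
    return rx_dbm - rx_sensitivity_dbm


if __name__ == "__main__":
    dist_km = 5 * MILE_KM
    tx_dbm = mw_to_dbm(100)                      # 100 mW = 20 dBm
    ir = intentional_radiator_dbm(tx_dbm, 3)     # 17 dBm after 3 dB of cable
    eirp = eirp_dbm(ir, 24)                      # 41 dBm with a 24 dBi dish
    print(f"FSPL over {dist_km:.2f} km at 2437 MHz: {fspl_db(dist_km, 2437):.1f} dB")
    print(f"First Fresnel zone radius at midpoint: {fresnel_radius_m(dist_km, 2.437):.1f} m,"
          f" keep {0.6 * fresnel_radius_m(dist_km, 2.437):.1f} m clear (60%)")
    print(f"IR {ir:.1f} dBm, EIRP {eirp:.1f} dBm; PtMP compliant: {ptmp_compliant(ir, eirp)};"
          f" PtP IR ceiling with 24 dBi: {max_ptp_ir_dbm_2_4ghz(24):.1f} dBm")
    rx = received_dbm(tx_dbm, 3, 24, dist_km, 2437, 24, 3)
    print(f"Received {rx:.1f} dBm, fade margin {fade_margin_db(rx, -85):.1f} dB"
          f" against an assumed -85 dBm sensitivity")
```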
• DFS – Dynamic frequency selection
• Factors affecting the application layer throughput of an 802.11g client on an 802.11g wireless LAN
o Number of simultaneous 802.11g clients using the same access point
o Use of a VPN tunnels across the wireless LAN by the 802.11g client
o Association of an 802.11b client to the same 802.11g access point as the 802.11g client
• Calculable power quantities
o dBm
o mW
• Most common mount type for installing a WLAN to a mast (pole) outdoor
o U-bolt base clamp
• Wireless mesh router
o Can be implemented as part of the core or access network layers in enterprise installation
• Time Synchronization
o When receiving beacon frames, stations check and correct their clocks using the timestamp included in the frames
• Active scanning on BSS
o Stations broadcast probe request frames on all channels
o Nearby APs respond with probe response frame
o Stations record info found in the probe response frames for use in the association process
• Site survey software vs. manual
o Software makes it easier to update AP info and locations
o Less time
o Software can:
 Analyze sources of RF interference and noise
 Emulate client experience to measure connection speed, retry rate and frame loss
 Verify the possible optimal AP locations
• Fat/thick (full-featured) vs. thin APs: advantages of thin APs in an enterprise environment
o In case of theft, a thin AP contains no usable information
o Thin APs reduce cost due to min hardware config and by having central point of mgmt
• Prevent 802.11g client from roaming seamlessly between 2 APs in same network
o New AP fails to receive the client's session key as part of reassociation
o Role based profile on the WLAN switch is preventing the client from using certain APs
• Hijacking
o Can be done with a software AP, a narrowband RF jamming device and a DHCP server application
• WIPS – Wireless Intrusion Prevention System does not recognize
o Eavesdropping
o 802.11 FHSS Rogue APs
• WEP, WPA, WPA2
o 802.1x/EAP authentication
o TKIP/RC4
• WPA/WPA2 Enterprise certification include
o EAP-TTLS
o PEAPv0/MSCHAPv2
o EAP-TLS
o PEAPv1/EAP-GTC
• Least RF signal loss: wood-studded drywall
• Cables and connectors
o cable quality affects amount of VSWR and return loss in the signal path
o two similar connectors diff companies may vary in specs
• With no RF interference, throughput is still affected by
o frame fragmentation
o distance from AP
• 802.11a/g client utility features
o Authentication encryption tool
o Connection speed indicator
o Link statistics monitor
• Smaller frame size result in greater throughput in a high RF interference environment
Disclaimer:
These Study Guides By Erica St.John are designed to help readers obtain information and education on products and/or services to help them study. There are no
warranties implied.
These guides are meant to help you learn and understand. If they help you to pass the exam, that’s great. You should note, however, that this guide is not
updated to reflect every change that has been made to the exams in terms of topics and depth of knowledge required. Things like that can, do, and almost
certainly will change.
I have written these Study Guides from notes I have gathered while studying for various certifications. The fundamental concept is that you should NOT rely solely
upon the information or opinions you read. Rather, you should use what you read as a starting point for doing independent research on computers, hardware,
wireless, security, networking and the like. Then judge for yourself the merits of the material that has been shared in.
You should carefully consider whether this material is appropriate for you in light of your experience, objectives, resources and other circumstances.
These documents and their information are provided for guidance and information purposes only.
The information contained herein has been compiled from sources deemed reliable and it is accurate to the best of my knowledge and belief; however, these
documents cannot guarantee as to the accuracy, completeness and validity and cannot be held liable for any errors, out of date information or omissions.
All information contained herein should be independently verified and confirmed.
Erica St. John does not accept any liability for any loss or damage whatsoever caused in reliance upon such information.
Reader agrees to indemnify and hold harmless Erica St.John (Girl Geekette and or Girlgeekette.net) from and against any damages, costs and expenses, including
any legal fees, potentially resulting from the application of any of the information provided by these Study Guides. This disclaimer applies to any damages or
injury caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line
failure, theft or destruction or unauthorized access to, or use of record, whether for breach of contract, tort, negligence, or under any other cause of action.
Reader agrees to assume all risk resulting from the application of any of the information provided by these Study Guides.
By reading and or studying these documents and content contained therein, the reader agrees that the use of these Study guides and the information in them is
entirely at his/her own risk.
Terms of Use:
You MAY use these resources in your personal studies.
You may NOT claim these resources as your own.
You may NOT re-package or re-distribute this resource without written permission.
No derivatives.
Erica St. John
http://www.girlgeekette.net
erica.stjohn@gmail.com
ESN ID 20401-060606-121147-91

More Related Content

What's hot

Border Gateway Protocol
Border Gateway ProtocolBorder Gateway Protocol
Border Gateway ProtocolKashif Latif
 
M2M Communication
M2M CommunicationM2M Communication
M2M CommunicationFabMinds
 
IoT Communication Protocols
IoT Communication ProtocolsIoT Communication Protocols
IoT Communication ProtocolsPradeep Kumar TS
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 
Application Layer Protocols for the IoT
Application Layer Protocols for the IoTApplication Layer Protocols for the IoT
Application Layer Protocols for the IoTDamien Magoni
 
Hadoop Distributed File System
Hadoop Distributed File SystemHadoop Distributed File System
Hadoop Distributed File SystemRutvik Bapat
 
NoSQL Architecture Overview
NoSQL Architecture OverviewNoSQL Architecture Overview
NoSQL Architecture OverviewChristopher Foot
 
Issues in routing protocol
Issues in routing protocolIssues in routing protocol
Issues in routing protocolPradeep Kumar TS
 
Introduction to Network Function Virtualization (NFV)
Introduction to Network Function Virtualization (NFV)Introduction to Network Function Virtualization (NFV)
Introduction to Network Function Virtualization (NFV)rjain51
 
Power Aware Routing in Adhoc Networks
Power Aware Routing in Adhoc NetworksPower Aware Routing in Adhoc Networks
Power Aware Routing in Adhoc NetworksPradeep Kumar TS
 
Caliban: Functional GraphQL Library for Scala
Caliban: Functional GraphQL Library for ScalaCaliban: Functional GraphQL Library for Scala
Caliban: Functional GraphQL Library for ScalaPierre Ricadat
 
The constrained application protocol (CoAP)
The constrained application protocol (CoAP)The constrained application protocol (CoAP)
The constrained application protocol (CoAP)Hamdamboy (함담보이)
 
User datagram protocol (udp)
User datagram protocol (udp)User datagram protocol (udp)
User datagram protocol (udp)Ramola Dhande
 
Cisco Networking (Routing and Switching)
Cisco Networking (Routing and Switching)Cisco Networking (Routing and Switching)
Cisco Networking (Routing and Switching)Alan Mark
 
Issues of Wireless Sensor Networks
Issues of Wireless Sensor NetworksIssues of Wireless Sensor Networks
Issues of Wireless Sensor NetworksSouhaiel tekaya
 
Introduction to NoSQL Databases
Introduction to NoSQL DatabasesIntroduction to NoSQL Databases
Introduction to NoSQL DatabasesDerek Stainer
 

What's hot (20)

Border Gateway Protocol
Border Gateway ProtocolBorder Gateway Protocol
Border Gateway Protocol
 
M2M Communication
M2M CommunicationM2M Communication
M2M Communication
 
Router and routing
Router  and routingRouter  and routing
Router and routing
 
IoT Communication Protocols
IoT Communication ProtocolsIoT Communication Protocols
IoT Communication Protocols
 
Introduction to Hadoop
Introduction to HadoopIntroduction to Hadoop
Introduction to Hadoop
 
Network address translation
Network address translationNetwork address translation
Network address translation
 
Application Layer Protocols for the IoT
Application Layer Protocols for the IoTApplication Layer Protocols for the IoT
Application Layer Protocols for the IoT
 
Hadoop Distributed File System
Hadoop Distributed File SystemHadoop Distributed File System
Hadoop Distributed File System
 
IoT Networking Part 2
IoT Networking Part 2IoT Networking Part 2
IoT Networking Part 2
 
Speech Compression
Speech CompressionSpeech Compression
Speech Compression
 
NoSQL Architecture Overview
NoSQL Architecture OverviewNoSQL Architecture Overview
NoSQL Architecture Overview
 
Issues in routing protocol
Issues in routing protocolIssues in routing protocol
Issues in routing protocol
 
Introduction to Network Function Virtualization (NFV)
Introduction to Network Function Virtualization (NFV)Introduction to Network Function Virtualization (NFV)
Introduction to Network Function Virtualization (NFV)
 
Power Aware Routing in Adhoc Networks
Power Aware Routing in Adhoc NetworksPower Aware Routing in Adhoc Networks
Power Aware Routing in Adhoc Networks
 
Caliban: Functional GraphQL Library for Scala
Caliban: Functional GraphQL Library for ScalaCaliban: Functional GraphQL Library for Scala
Caliban: Functional GraphQL Library for Scala
 
The constrained application protocol (CoAP)
The constrained application protocol (CoAP)The constrained application protocol (CoAP)
The constrained application protocol (CoAP)
 
User datagram protocol (udp)
User datagram protocol (udp)User datagram protocol (udp)
User datagram protocol (udp)
 
Cisco Networking (Routing and Switching)
Cisco Networking (Routing and Switching)Cisco Networking (Routing and Switching)
Cisco Networking (Routing and Switching)
 
Issues of Wireless Sensor Networks
Issues of Wireless Sensor NetworksIssues of Wireless Sensor Networks
Issues of Wireless Sensor Networks
 
Introduction to NoSQL Databases
Introduction to NoSQL DatabasesIntroduction to NoSQL Databases
Introduction to NoSQL Databases
 

Similar to Ericas-CWNA-Study-Guide

Ccna Wireless Study Guide
Ccna  Wireless Study GuideCcna  Wireless Study Guide
Ccna Wireless Study GuideCCNAResources
 
Physical layer overview
Physical layer overviewPhysical layer overview
Physical layer overviewakruthi k
 
Ccna Wireless Study Guide
Ccna Wireless Study GuideCcna Wireless Study Guide
Ccna Wireless Study GuideCCNAResources
 
Lec 12 Wi-Fi Indoor Wireless Communication
Lec 12 Wi-Fi Indoor Wireless CommunicationLec 12 Wi-Fi Indoor Wireless Communication
Lec 12 Wi-Fi Indoor Wireless CommunicationDrAdeelAkram2
 
LoRa online training for utility guys
LoRa online training for utility guysLoRa online training for utility guys
LoRa online training for utility guysNikolay Milovanov
 
EC8004-Wireless Networks-unitwise notes.pdf
EC8004-Wireless Networks-unitwise notes.pdfEC8004-Wireless Networks-unitwise notes.pdf
EC8004-Wireless Networks-unitwise notes.pdfdhananjeyanrece
 
Microwave basics
Microwave basicsMicrowave basics
Microwave basicsIslam Saleh
 
Light wave-system-3855513
Light wave-system-3855513Light wave-system-3855513
Light wave-system-3855513Pooja Shukla
 
High performance browser networking ch5,6
High performance browser networking ch5,6High performance browser networking ch5,6
High performance browser networking ch5,6Seung-Bum Lee
 
Fundamental of Radio Frequency communications.ppt
Fundamental of Radio Frequency communications.pptFundamental of Radio Frequency communications.ppt
Fundamental of Radio Frequency communications.pptginanjaradi2
 
Remote control
Remote controlRemote control
Remote controlRiaz_raj
 
Wireless repeaters
Wireless repeatersWireless repeaters
Wireless repeatersLou Tenoso
 
Radio frequency power point presentation
Radio frequency power point presentationRadio frequency power point presentation
Radio frequency power point presentationprabalkalita13
 
Telecommunications: Introduction to Wireless Networks
Telecommunications: Introduction to Wireless NetworksTelecommunications: Introduction to Wireless Networks
Telecommunications: Introduction to Wireless NetworksNapier University
 

Similar to Ericas-CWNA-Study-Guide (20)

Ccna Wireless Study Guide
Ccna  Wireless Study GuideCcna  Wireless Study Guide
Ccna Wireless Study Guide
 
Physical layer overview
Physical layer overviewPhysical layer overview
Physical layer overview
 
Ccna Wireless Study Guide
Ccna Wireless Study GuideCcna Wireless Study Guide
Ccna Wireless Study Guide
 
Wireless
WirelessWireless
Wireless
 
Lec 12 Wi-Fi Indoor Wireless Communication
Lec 12 Wi-Fi Indoor Wireless CommunicationLec 12 Wi-Fi Indoor Wireless Communication
Lec 12 Wi-Fi Indoor Wireless Communication
 
LoRa online training for utility guys
LoRa online training for utility guysLoRa online training for utility guys
LoRa online training for utility guys
 
LORA.pptx
LORA.pptxLORA.pptx
LORA.pptx
 
EC8004-Wireless Networks-unitwise notes.pdf
EC8004-Wireless Networks-unitwise notes.pdfEC8004-Wireless Networks-unitwise notes.pdf
EC8004-Wireless Networks-unitwise notes.pdf
 
Pramodlna
PramodlnaPramodlna
Pramodlna
 
Receiver design
Receiver designReceiver design
Receiver design
 
Microwave basics
Microwave basicsMicrowave basics
Microwave basics
 
Light wave-system-3855513
Light wave-system-3855513Light wave-system-3855513
Light wave-system-3855513
 
High performance browser networking ch5,6
High performance browser networking ch5,6High performance browser networking ch5,6
High performance browser networking ch5,6
 
Bandwidth optimization
Bandwidth optimizationBandwidth optimization
Bandwidth optimization
 
Cbrc
CbrcCbrc
Cbrc
 
Fundamental of Radio Frequency communications.ppt
Fundamental of Radio Frequency communications.pptFundamental of Radio Frequency communications.ppt
Fundamental of Radio Frequency communications.ppt
 
Remote control
Remote controlRemote control
Remote control
 
Wireless repeaters
Wireless repeatersWireless repeaters
Wireless repeaters
 
Radio frequency power point presentation
Radio frequency power point presentationRadio frequency power point presentation
Radio frequency power point presentation
 
Telecommunications: Introduction to Wireless Networks
Telecommunications: Introduction to Wireless NetworksTelecommunications: Introduction to Wireless Networks
Telecommunications: Introduction to Wireless Networks
 

Ericas-CWNA-Study-Guide

  • 1. Erica’s CWNA Study Sheet 6/6/06 ESN ID 20401-060606-121147-91 • 802.3af POE o DTE (Data Terminating Equipment) Power via (Media Dependant Interface) MDI o End span – active Ethernet Switch o Mid span – multi-port injector that sits between a non PoE switch and one or more PoE devices o Large number of 802.3af-commplinat VOIP phones attached to the same Ethernet switch can adversely affect the proper operation of the APs • 802.11 o Original IEEE standard covering DSSS, FHSS, and Infrared wireless LANs. o 802.11 networks operate at 1 to 2 Mbps in the 2.4 GHz ISM band o Minimum transmit power should be no less than 0 dBm(DSSS) o 30MHz between frequencies of non overlapping DSSS Channels o ad hoc mode o infrastructure mode o A Basic data rate and an enhanced data rate are specified for the 802.11 DSSS physical layer (DSSS) o wireless client uses to select the best AP with which to associate  Relieved signal strength value indicator  SNR ratio o Deauthentication Frames not authenticated o No authentication authorization and accounting support AAA o NA and Europe 2.402-2.480GhZ o Also 5.15-5.25 GHz UNII o IBSS un DCF mode • 802.11a o 6, 9, 12, 18, 24, 36, 48, and 54 Mbps DSSS in the 5 GHz UNII bands. o Use OFDM Modulation o Center 20 MHZ apart UNII • 802.11b o aka Wi-Fi o 1, 2, 5.5, and 11 Mbps wireless networks using DSSS in the 2.4 GHz ISM band o modulation:  1 Mbps (DBPSK)  2 Mbps (DQPSK)  5.5 Mbps (DQPSK)  11 Mbps (DQPSK) o Client Utilities  Site Survey Utility  Signal Strength meter  User profile config tool o Controls the use of the RF medium for period of time using RTS/CTS • 802.11e o Enhancement to 802.11 that includes quality of service (QOS) features o Facilitates prioritization of data, voice, and video transmissions • 802.11f o Specifies methodologies for seamless roaming between access points • 802.11g o Emerging standard that offers 802.11a speeds in the 2.4 GHz ISM band and is compatible with 802.11b equipment. 
o ERP-OFDM o It is managed by TGg o extension of 802.11b o Extends the maximum data rate of WLAN devices that operate in the 2.4 GHz band, in a fashion that permits interoperation with 802.11b devices o Operates at up to 54 megabits per second (Mbps), with fall-back speeds that include the "b" speeds o States that 25MHz separation is required between the center frequencies of non overlapping ERP Channels o Passes  Time sync info  Capabilities  Spread Spectrum Parameter Set info • 802.11h o Enhancement to 802.11a that resolves interference issues o Dynamic frequency selection (DFS) o Transmit power control (TPC) • 802.11i o Enhancement to 802.11 that offers additional security for WLAN applications
  • 2. o Defines more robust encryption, authentication, and key exchange, as well as options for key caching and pre-authentication o EAP Authentication - type is user configurable for 802.11i- compliant wireless LAN Client devices o CCMP/AES o WPA2-Enterprise o • 802.15 o WPAN Communications specification that was approved in early 2002 by the IEEE for wireless personal area networks (WPANs). • 802.15.1 o Bluetooth Short range (10m) wireless technology for cordless mouse, keyboard, and hands-free headset at 2.4 GHz. • 802.15.4 o Zigbee Short range wireless sensor networks • 2.4000-2.4835 GHz – the specified frequency range for data transmission in the 2.4GHz ISM Band • When 802.11b devices are present in an 802.11g BSS, the use of DSSS will diminish network throughput significantly over a purely OFDM environment • An 802.11g system supporting only the data rates required by the 802.11g amendment can interoperate with 802.11 devices • Bluetooth - FHSS technology sponsored by 802.15. Uses the entire 2.4GHz ISM band at very low power for personal area networking. Not compatible with and can interfere with 802.11b and 802.11g. • HomeRF – o FHSS in the 2.4GHz ISM band provides up to 10 Mbps connections. o Its very low power output limits its range o Operates at a maximum of 5 MHz wide carrier frequencies, minimum of 15 hops and a maximum of 125mW of output power. o SWAP specification developed by the HomeRF Working Group for wireless voice and data networking at home o frequency hopping o has a range of up to 150 feet / 45.7 meters • Access Point o a half-duplex device with intelligence equivalent to that of a sophisticated Ethernet switch o operate in  root mode  bridge mode - clients do not associate with bridges. 
used to link tow or more wired network segments together  repeater mode o Protocol and MAC filtering can be included o Configuration and management of APs include  console  telnet  USB  built-in web server  custom configuration and management software o Can be programmed with a MAC address Access Control List that permits a specific group of stations from associating with an access point. • Wireless bridges o half duplex devices capable of layer two wireless connectivity o Wireless workgroup bridges are seen as a single client device. It is capable of aggregating multiple wired LAN client devices into one collective WLAN client. • Gain o An increase in amplitude obtained either by boosting the power (amplifier) or focusing the power o indicates an increase in the amplitude of an RF signal caused by an external source o Narrowing or focusing antenna beams increase antenna gain o Measured in decibels +dBi o Increasing the effective signal strength by focusing energy. o Passive Gain - Focusing the antenna lobe in a desired direction causes an increase in the distance a propagated RF wave will travel o GAIN of 10 dB will yield power ratio 10:1 o Range increases as the gain of an antenna is increased • Loss - Decrease in amplitude experienced either by reducing the power (attenuator) or by introducing splitters, long cables, etc. Measured in decibels. • Reflection – o A radio signal bounces off a smooth or coated surface and changes direction. o Direct signal will be attenuated and distorted if the indirect signal arrives at the receiver 90 degrees out of phase • Refraction - A radio signal passes through an object, but exits at an angle different from when it entered the object. 
• Diffraction - A radio signal passing around an object - a change in the direction and intensity of radio waves striking a fixed obstacle and the bending of the waves around that obstacle • Scattering - A single radio signal is broken up into multiple signals, each usually traveling in several new directions and being out of phase to the original signal. • Signal Strength Ratio - measurable ability to resist radio frequency interference • Voltage Standing Wave Ratio (VSWR) o Backpressure in the electrical circuit, and is often caused by antennae, cable or connectors of differing impedance. o in 802.11a WLAN caused by Mismatched impedance between devices in series with the main RF signal o Can Cause  Transmitter burnout  Decrease RF signal amplitude at the receiver
• 1:1 - VSWR value that indicates a perfect impedance match between an antenna and the attached cable
• Amplification - Boosting of signal strength actively, by using a booster (amplifier), or passively, by using a high-gain antenna.
• Attenuation
  o Reducing a signal actively by using a resistor (attenuator), or passively/unintentionally, through longer cables or splitters
  o An amplitude reduction in the signal
• Visual LOS - Visual Line of Sight - from point A to point B there are no objects such as walls, buildings, trees, mountains, etc. blocking your view.
• RF LOS - Radio Frequency Line of Sight - from point A to point B there are no objects such as walls, buildings, trees, mountains, etc. blocking your radio signal. A signal sent from point B can be received at point A and vice versa. Visual LOS does not guarantee RF LOS, because radio waves travel in a wider path (the Fresnel Zone) than a line of sight.
• Earth bulge should be considered when planning paths over 7 miles
• Principle of RF propagation and communication - even if low RF signal strength is indicated, signal quality may still be high enough for good communication
  o Factors affecting propagation distance:
     Antenna gain
     Fresnel zone blockage
• The Fresnel Zone
  o Name of the area surrounding a transmitted RF beam after it leaves an antenna
  o Elliptical region around the straight-line path that must be reasonably free of obstructions for RF LOS to exist.
  o Any object within the Fresnel Zone may attenuate, reflect, refract, or scatter the radio signal, depending on the object and how far into the Fresnel Zone it is.
  o Must be at least 60% clear of obstructions for a 2.4 GHz RF link at a distance of 5 miles
  o To determine the diameter of the first Fresnel Zone for a wireless LAN link you need
     Frequency of the transmission
     Distance between the antennas
• E plane polarization - an RF wave's orientation as it leaves the antenna element
• Intentional Radiator (IR)
  o All equipment, including the access point, connectors, cabling, etc. from the transmitter through the point at which you connect an antenna.
  o First point where you must measure output power to ensure compliance with FCC regulations found in Title 47 CFR, Part 15, Section 15.247
• EIRP - Effective / Equivalent Isotropic Radiated Power
  o Measurement of radio signal power as it leaves the antenna.
  o Second point where you must measure output power to ensure compliance with FCC regulations in 47 CFR 15.247
  o Power supplied to the antenna plus antenna gain (power at the IR minus cable/connector loss, plus antenna gain in dBi)
• Wave propagation - Process of transmitting or conducting energy
• Watt - The basic unit of power, equal to one ampere of current at one volt.
• Milliwatt
  o One one-thousandth of a watt
  o Used to describe a calculable (absolute) power quantity
  o 1 mW = 0 dBm
• Decibel (dB)
  o Relative measurement of power based on the logarithm of a power ratio
  o Used to represent radio power because received power levels are exceptionally small numbers spanning a huge range
  o dB by itself has no reference point; it expresses relative changes in power levels. dBW references 1 Watt and dBm references 1 milliwatt.
  o A LOSS of 3 dB = 1:2 power ratio (half the power); a gain of 3 dB doubles the power
• dBm
  o Decibels referenced to 1 milliwatt
  o Used to describe a calculable power quantity
  o 0 dBm = 1 mW
  o +20 dBm = 100 mW
  o +30 dBm = 1 W
• dBi
  o Decibels referenced to an isotropic radiator (a theoretical antenna with 0 dB gain/loss).
  o Relative change in power level contributed by the antenna
  o Antenna dissipative LOSS is denoted by a negative dBi value
• Power conversion formula: P(dBm) = 10 * log10( P(mW) ); the inverse is P(mW) = 10^( P(dBm) / 10 )
• The relationships between dB and mW in multiples of 3 and 10
  o 1 mW = 0 dBm, 10 mW = 10 dBm, 100 mW = 20 dBm, 1 W = 30 dBm (each x10 adds 10 dB)
  o 1 mW = 0 dBm, 2 mW = 3 dBm, 4 mW = 6 dBm, 8 mW = 9 dBm (each x2 adds 3 dB)
• Wireless LANs
  o Fulfill the access role on a network
  o Physical area is usually constrained to a floor, a building, a workgroup area, or other area that could be serviced by other technologies such as Ethernet.
  o Most are DSSS (Direct Sequence Spread Spectrum) and provide wireless clients access to one another or to traditional LAN based resources such as servers, Internet access, etc.
  o They operate in the 2.4 GHz ISM (Industrial, Scientific, and Medical) bands or the 5 GHz UNII (Unlicensed National Information Infrastructure) bands and are defined by IEEE 802.11 standards
  o When installing an RF extension cable to an antenna in a wireless LAN
     Area covered by the antenna will decrease
     Equivalent Isotropically Radiated Power (EIRP) will decrease (the cable adds loss ahead of the antenna)
• Wireless PANs - Wireless Personal Area Networks
  o Used for small, short-range data transfers between devices such as a PDA synchronizing to a desktop, cordless headsets for telephones, etc.
  o Most are Bluetooth FHSS networks operating in the 2.4 GHz ISM spectrum and are defined by IEEE 802.15 standards
• Wireless WANs - Wireless Wide Area Networks
  o Used to connect two or more LANs together using the same technology as Wireless LANs (bridge links).
  o Can provide as much or more speed than leased lines for far less cost, when the proper conditions exist to permit their use
• Spread spectrum
  o Wide bandwidth and low peak power.
  o A signal is considered to be a spread spectrum signal when the bandwidth is much wider than what is required to send the information.
  o Reduced susceptibility to interference
• FHSS - Frequency Hopping Spread Spectrum
  o Frequencies used vary across the 83.5 MHz wide band and each transmitting and receiving device must "hop" between frequencies in a predetermined pattern (hop sequence).
  o 802.11 FHSS defines its hop sequences in three sets of 26 patterns.
  o For FHSS, the FCC mandates a maximum dwell time of 400 ms per carrier frequency in any 30 second period
  o Under the post-2000 FCC rules that allow wide (up to 5 MHz) hopping channels, maximum output is 125 mW at the IR.
  o Narrow band interference has very little effect on FHSS, because the system hops from frequency to frequency across a band that is 83.5 MHz wide.
  o FCC and IEEE 802.11 define the usable portion of the 2.4 GHz ISM band as 83.5 MHz wide (2.4000 - 2.4835 GHz)
  o Used by the original 802.11, Bluetooth, HomeRF/SWAP, and other technologies such as cordless phones.
• DSSS - Direct Sequence Spread Spectrum
  o Each data bit is combined with a higher-rate spreading code (chipping sequence) and transmitted on a fixed carrier frequency; the spread signal occupies a channel much wider than the data rate requires.
  o DSSS has a higher data rate than 802.11 FHSS and is used by 802.11 and 802.11b; 802.11g uses DSSS/CCK only for its 802.11b-compatible rates (its 6 to 54 Mbps rates are OFDM), and 802.11a uses OFDM, not DSSS.
  o DSSS channels are 22 MHz wide: the 11-chip Barker code spreads a 1 Mbps data stream to 11 Mchip/s, which occupies roughly 22 MHz around the carrier.
  o A DSSS signal is more susceptible to narrow band interference than FHSS.
  o Used in LAWN transmission types
• OFDM - Orthogonal Frequency Division Multiplexing
  o Encoding scheme used by 802.11a (and by 802.11g in the 2.4 GHz band)
  o Reduces the amount of crosstalk in signal transmissions because the sub-carriers are orthogonal to one another.
  o Transmissions in the lower U-NII band are limited to 40 mW by IEEE (50 mW by the FCC)
  o 52 sub-carriers per 20 MHz channel, 48 of them used as parallel data symbol paths and 4 as pilots
• Co-location
  o Two or more access points within a small enough geographic area that potential interference could exist.
  o May be necessary to provide sufficient coverage or sufficient bandwidth for wireless clients.
  o May occur unintentionally when nearby WLANs belonging to others exist.
  o Care must be taken to ensure that co-located access points are set up to minimize interference.
• Channels
  o Frequency range (DSSS/OFDM) or hop pattern (FHSS) used to transmit and receive data
  o Adjacent Channel Interference - Adjacent channels are side-by-side. In 2.4 GHz DSSS, adjacent channels overlap because each channel is 22 MHz wide and center frequencies are only 5 MHz apart. When coverage cells on overlapping channels physically overlap, throughput degrades.
  o Even APs on non-overlapping channels cause throughput degradation when
     The APs are too close
     Output power on each AP is too high
     Antenna gain on each AP is too high
  o Co-channel Interference is the use of the same channel where coverage cells overlap; the stations share one contention domain. Move one cell to a non-overlapping channel (e.g. 1, 6 and 11).
• Dwell time
  o Time slice a particular frequency is used before hopping (FHSS).
  o Longer dwell time can mean more throughput, but also more susceptibility to interference
• Throughput - Actual data transfer rate in megabits per second (Mbps), as opposed to the signaled data rate.
• Hop time
  o Time spent switching from one frequency to the next (FHSS).
  o The shorter the hop time, the more throughput, and the more expensive the radio.
• Pre 8/31/2000 FCC FHSS rules - FHSS must use at least 75 of the allowed 79 channels (1 MHz each), with a maximum power output of 1 Watt at the IR. Maximum data rate in this system is 2 Mbps.
• Post 8/31/2000 FCC FHSS rules - FHSS may use as few as 15 hops, as long as the bandwidth of the channels used times the number of hops covers at least 75 MHz, but with a maximum power output of 125 mW at the IR. Maximum data rate in this system is 10 Mbps.
• 14 channels are defined for 802.11b in the 2.4 GHz ISM band, 11 of them usable in the US. Each is 22 MHz wide.
• Three bands are available for 802.11a in the 5 GHz UNII spectrum (FCC Title 47):
  o Low band (UNII-1) - indoor, 5.15 GHz to 5.25 GHz, maximum power output 50 mW (IEEE says 40 mW)
  o Middle band (UNII-2) - indoors or outdoors, 5.25 GHz to 5.35 GHz, maximum power output 250 mW (IEEE says 200 mW)
  o High band (UNII-3) - outdoors, 5.725 GHz to 5.825 GHz, maximum power output 1000 mW or 1 W (IEEE says 800 mW)
• Passive scanning - Listening for beacon frames on each channel without transmitting (this is also how a wireless network sniffer monitors data transmissions without attempting to associate or authenticate to the network)
• Active scanning - Broadcasting probe request frames (not association requests) to identify wireless networks; APs answer with probe responses
• Authentication
  o Process used to begin wireless networking.
     A wireless client requests to join (exchange data with) an access point.
     The access point can permit or deny the request, or pass it to an upstream authenticator such as a RADIUS server (802.1X/EAP)
  o EAP-TLS is certificate based authentication.
• Association - Process used to pass data to/from a wireless client through an access point. Only a client that is both authenticated and associated may send and receive data.
• Unauthenticated and unassociated - Initial state of a wireless client
• Authenticated and unassociated - Wireless client has successfully authenticated to an access point, but is not yet associated and therefore cannot send or receive data
• Deauthentication
  o Is a notification, not a request (it cannot be refused)
  o May be invoked by a station or an access point
  o Carries no authentication of its own in 802.11, so a forged deauthentication frame will knock a client off the network
• Reassociation
  o The client transmits a reassociation request frame to the new AP (naming the old AP); the AP answers with a reassociation response carrying a status code
  o The reassociation service informs the distribution system that an association is moving from one AP to another
• RTS/CTS is a four-way handshake: RTS / CTS / DATA / ACK (not to be confused with the 802.11i 4-Way Handshake that derives WPA/WPA2 keys)
• Open system authentication
  o The default authentication method specified by the IEEE, which uses a null authentication process (the request is always granted).
  o Any client can associate with any access point as long as the SSID is correct or the AP accepts the "ANY" SSID
  o Remains the default authentication method when WEP is in use; WEP then encrypts data frames only
• Shared key authentication - WEP (Wired Equivalent Privacy) keys are used in a challenge/response exchange to allow or deny authentication. Because the clear-text challenge and the encrypted response are both transmitted, an eavesdropper can recover the RC4 keystream for that IV, so shared key authentication is weaker than open system authentication with WEP.
• Secret keys and certificates
  o Secret keys are WEP keys.
  o Certificates usually refer to PKI based certificates. EAP-TLS is certificate based authentication.
  o Both must be configured on the client and on the access point (or its authentication server) in advance
• AAA Support - Authentication, Authorization, and Accounting services; brought to WLANs by 802.1X/EAP with RADIUS within the 802.11i framework, not by the original 802.11
• BSS - Basic Service Set
  o Wireless network using an access point in infrastructure mode.
  o BSS identifier (BSSID) is usually the MAC address of the access point's radio
  o Multiple clients, one AP, connected to a common distribution system.
  o Available wireless bandwidth is affected by
     Number of actively transmitting stations associated to the access point
     Distance from the access point to the most distant station (low data rates consume more airtime)
• ESS - Extended Service Set
  o Wireless network in infrastructure mode using two or more access points that share access to the wired network.
  o Two or more BSSs (Basic Service Sets) connected by a common distribution system, usually sharing one SSID.
• IBSS - Independent Basic Service Set, also called an ad-hoc or peer-to-peer network
  o Has no AP or any other access to a distribution system.
  o Must be a self contained architecture
  o Must not have distribution system access available
  o Stations can still use power save (sleep); queued traffic is announced with ATIMs
• Ad-hoc mode - No access point; all wireless clients communicate directly with one another as peers
• Infrastructure mode - The AP (Access Point) coordinates all communication between wireless clients and any other network entity, wired or wireless
• SSID - Service Set Identifier
  o "Name" of the wireless network.
  o Broadcast by the access point in its beacons by default
  o Is a common network name for the devices in a WLAN
  o Alphanumeric information field having a value of 0-32 octets
  o Disabling the SSID broadcast ("hiding" the SSID) does not help security because
     Any 802.11 analyzer can see the SSID in clear text in frames other than beacons and probe response frames (probe requests, association and reassociation requests).
     Broadcasting the SSID in beacons and allowing APs to respond to probe request frames with a null SSID field lets authorized users easily find and connect to the AP if they have the correct security credentials
• Roaming
  o Moving wireless client disassociates itself from one access point and associates with another.
  o Data flow is handed off between access points so that the user switches seamlessly.
• PSP Mode - Power Save Polling mode
  o Wireless client "sleeps" for a short time, several times per second, to save power.
  o Very important in order to extend battery life for portable clients
• CAM - Constantly Aware Mode
  o Wireless client does not sleep
  o Used when battery life is not an issue
• Beacons
  o Broadcast management frames (usually 10 times per second; default beacon interval is 100 TU)
  o Carry
     Timing (timestamp)
     Channel
     SSID (not always)
     Capabilities
     Traffic indication map (not always)
  o They are found in both infrastructure and ad-hoc networks
• TIM - Traffic Indication Map - Used by access points in infrastructure networks to inform PSP clients of queued traffic.
• ATIM - Ad Hoc Traffic Indication Map - Used by clients in ad hoc networks to inform PSP clients of queued traffic
• ATIM Window - the time slice when PSP clients "wake up" to receive notification of queued traffic
• Difference between WLAN and Ethernet
  o Both carry the same data payload
  o All Layer 3 protocols are supported by WLANs
  o WLANs have more overhead and many more types of frames. Frame types include
     Probe (request/response)
     Beacon
     ATIM
     Authentication
     Association
     RTS/CTS
     ACK
     PS-Poll
     CF (contention-free) frames
• DCF - Distributed Coordination Function - allows all clients to contend for access using CSMA/CA
• PCF - Point Coordination Function
  o The access point polls clients for data communications.
  o Used to provide quality of service
  o When stations and the access point are in this mode, pollable stations are given medium access priority during the Contention Free Period (CFP)
  o When a client station transmits a data frame that goes unacknowledged, the client station may retransmit the data frame during the next contention period
• Interframe spacing - brief time intervals during which no transmissions occur, used to prioritize access to the medium.
• RTS/CTS
  o Used when a hidden node exists
  o Used by an 802.11b AP or station to reserve the RF medium for a period of time (the NAV)
• Dynamic Rate Selection
  o Clients use the maximum transfer rate available, based on the capabilities of the access point and signal strength.
  o This is usually a function of distance.
  o Clients can downgrade or upgrade as conditions mandate
• Modulation - Adding data to a carrier wave using frequency, phase, or amplitude changes
• Coding - Using multiple changes in modulation (symbols/chips) to represent bits of data.
• 802.11 PHY coding and modulation
  o 802.11/802.11b DSSS use the 11-chip Barker Code for 1 and 2 Mbps, and CCK (Complementary Code Keying) for 5.5 and 11 Mbps.
  o 802.11 FHSS uses GFSK modulation (2GFSK at 1 Mbps, 4GFSK at 2 Mbps), not Barker coding.
  o 802.11a uses OFDM (Orthogonal Frequency Division Multiplexing)
• Data access role - These roles are suitable for wireless LAN technology: wireless clients, laptops, PDAs, inventory scanners, etc.
• Wireless bridging
  o Extension of existing networks into remote locations
  o Building-to-building connectivity
• Last mile data delivery - Wireless Internet Service Providers (WISPs)
• SOHO - Home Wireless Gateways
• Mobile office, classroom, industrial, and healthcare - Examples include: making medical records available to handheld devices, providing portable or temporary classrooms, performing inventory, setting up field offices, etc.
• PCMCIA (PC Card) slots - bus speed is 33 MHz (CardBus)
  o Type I is 3.3 mm thick.
  o Type II is 5 mm thick.
  o Type III is 10.5 mm thick
• USB 1.1 - maximum throughput of 12 Mbps
• USB 2.0 - maximum throughput of 480 Mbps
• Residential gateways - Usually provide NAT, DHCP and DNS. They usually also have a small Ethernet switch built in and are good for sharing a public IP among both wireless and wired clients
• Enterprise gateways - Provide support for larger numbers of clients. Typically configured to hand off authentication to RADIUS
  o Enterprise gateways and WLAN switches support
     Role based policy enforcement
     802.1X with EAP-TTLS
     Bandwidth management
     L2TP/IPSec VPN termination
     802.1X with EAP-TLS
• Antenna specifications
  o Frequency range in MHz
  o Impedance in Ohms
  o VSWR rating
  o Polarization
• Antenna types
  o Omni-directional / dipole
     Equally sensitive in all horizontal directions, transmitting and receiving in all directions
     Good for APs or point-to-multipoint setups
     The HORIZONTAL beam width is 360 degrees
  o Semi-directional - more focus is given to one direction, providing more sensitivity and distance in that direction. Well suited for situations where you still need some coverage around the antenna, but in one particular direction distance or interference requires a stronger signal.
     Yagi
     Patch
     Panel
  o Highly-directional (high-gain) - The sensitivity is concentrated in one direction or plane, providing better connectivity at the expense of other directions, including above and below the antenna (parabolic dish, grid)
  o Antenna technologies used to help eliminate null areas of RF coverage within a facility
     Antenna diversity
     Multiple Input/Multiple Output (MIMO)
  o Compared to an omni-directional antenna, diffraction effects are greater for an antenna with a narrow beam width
• Polarization
  o Effect of a sending antenna and a receiving antenna being in the same or a different plane.
  o Determines the orientation of the RF wave as it leaves the antenna element
  o There are
     Vertically polarized antennas
     Horizontally polarized antennas
     Circularly polarized antennas
  o Sender and receiver use the same polarization to maximize reception.
  o A sender using vertical polarization and a receiver using horizontal polarization are cross-polarized (90 degrees apart). Polarization mismatch loss grows with the angle: a 45-degree mismatch costs about 3 dB (half the power), while a full 90-degree mismatch is theoretically total and in practice 20 dB or more.
• Beam width - The field of view of an antenna's signal. Usually measured in degrees, from the -3 dB point on one side of the maximum focus to the -3 dB point on the other side
  o Wider beam width antennas do not have to be as accurately oriented, but they are not as sensitive receivers and cannot transmit as far.
  o Narrow beam width antennas must be more accurately oriented, but are more sensitive and have higher gain.
  o Calculated from the -3 dB points either side of the center axis, both horizontally and vertically
• Free-space path loss - The attenuation of a signal over distance as the wavefront spreads. Higher gain antennas overcome this by focusing the energy so that it travels further before the loss becomes great enough to prevent reception
• Power over Ethernet (PoE) devices - 802.3af PoE may deliver power either on the spare pairs of a CAT5 cable (pairs 4-5 and 7-8, unused by 10/100 Ethernet) or on the data pairs. Pre-standard vendor PoE used incompatible voltages and pinouts, so check that the injector and the powered device match before connecting them
• Amplifiers
  o Used to increase a signal's strength, usually to overcome loss introduced by longer cable runs between the transceiver and antenna
  o Care must be taken to ensure that EIRP remains within FCC regulations
• Attenuators
  o Used to decrease a signal's strength so that it remains within FCC guidelines.
  o Used when an AP's power output cannot be reduced and a high gain antenna would exceed power output restrictions or the desired coverage area
• Lightning arrestors
  o Need a good ground
  o A gas discharge tube ionizes under a surge and shunts it to ground
  o Usually sacrificial (replace after a strike)
  o Protect against induced AC and DC surges, not against a direct strike
• RF splitters - Used to split a signal between antennas, with an accompanying insertion loss
• Multipath
  o Signal reflects and arrives from more than one apparent source, and not in phase.
  o Delay spread is the time difference between the first and last arriving copies
  o Use antenna diversity and MIMO to compensate for this situation.
  o Effects of a multipath signal are downfade, upfade, corruption, or nulling
  o As multipath copies arrive in different phases, a single antenna will experience interference.
  o Dual antennas (diversity) let the receiver pick the antenna hearing the stronger signal and ignore the weaker, out of phase copy
• Hidden node
  o Stations cannot hear one another, so CSMA/CA alone cannot prevent collisions at the AP; use RTS/CTS so the AP's CTS reserves the medium for everyone
  o Caused by obstacles between client stations or by distance
• Near-Far - A transmitter nearby may drown out a signal from a more distant station
• RF interference
  o Is the problem plaguing wireless LAN deployments the most
  o Think in terms of narrow band versus wide band interference and the signal to noise ratio
  o Microwave ovens produce the most significant RF interference to a 2.4 GHz wireless LAN
• All-band interference - to deal with it
  o Eliminate the source of the interference
  o Transmit a stronger signal than the source of the interference
  o Use a different band
• System throughput
  o Affected by signal strength, the number of stations, co-location, and the protocols in use.
  o Usually half (or less) of the theoretical data rate; i.e., an 11 Mbps rated connection provides about 5 Mbps actual throughput.
  o Reduced by WEP processing, and consumed by ACKs and other protocol overhead
• Co-location throughput - Because adjacent channels overlap, with DSSS only channels 1, 6, and 11 of the eleven US channels should be co-located. There is still some minor side-lobe overlap between channels 1 and 6, and between channels 6 and 11
• Weather - watch for
  o Thermal inversion zones
  o High humidity
  o Dense fog
  o Wind (antenna movement on long links)
• Site survey
  o A good site survey helps ensure client performance and saves money. A poor or non-existent site survey may lead to a failed WLAN and wasted money on unnecessary hardware. You must identify business requirements, client types, radio coverage and propagation patterns, security requirements, budgets, etc.
  o A site survey gives you a good idea of the number and location of access points necessary to provide adequate coverage and performance for your users
  o For outdoor links: obtain terrain elevation maps and aerial photos, determine antenna heights, identify possible reflection points
  o Gathering business requirements - Quantify the number of clients and the nature of their network usage
  o Interviewing management and users - Use a written questionnaire or survey to identify bandwidth, applications, roaming, coverage areas, etc.
  o Defining security requirements - Include the level of encryption, authentication, etc.
  o Site-specific documentation - Blueprints, physical security requirements, the availability of power, the need for escort, etc.
  o Documenting existing network characteristics - Develop network diagrams, bandwidth reports, a listing of available switch ports, etc.
  o Wireless LAN equipment - At minimum, an AP, client site survey tools, and maps or blueprints of the building
  o Measurement tools - A spectrum (frequency) analyzer, a wireless network sniffer, external antennas, and others
  o Documentation - Blueprints of the building with areas marked to show desired coverage, and authorization papers to access restricted areas or wiring closets
  o Non-RF information - Client expectations, the types of users requiring wireless access, security requirements, etc.
  o Permits and zoning requirements - Determine what is necessary in the area. Pay special attention when running low voltage wiring through walls or in the ceiling, as electrical codes may apply.
  o Outdoor considerations - Ensure proper grounding, weather proofing, lightning protection, etc.
  o RF related information - Analyze sources of interference and other wireless implementations in the vicinity
  o Interference sources - Know about other wireless implementations such as 2.4 GHz cordless phones, microwave ovens (and microwave WAN links!), wireless cameras and alarm systems.
  o Connectivity and power requirements - Research sources for AC power, Ethernet connectivity, etc.
  o Requirements - The type and number of access points, client devices, antennas, etc.
  o Methodology - Ensure full and complete coverage of the area, scan for intermittent interference sources at several times during the day, map out areas lacking coverage, and note the signal strength of the areas covered
  o Measurements - Measure signal to noise ratio and signal strength. Perform bandwidth/throughput testing
  o Security - Include recommendations for physical security, steps to prevent unauthorized access, and standards for data encryption
  o Graphical documentation - Color code maps or blueprints when possible, including proposed locations for access point installations.
  o When performing an 802.11b site survey in a multi-tenant building with ten (10) floors, a site surveyor should keep in mind
     The channel reuse pattern should be three dimensional, with the RF cell of each access point extending coverage to only one floor above and one floor below.
     Placing access points directly above and below each other from floor to floor typically causes co-channel and/or adjacent channel interference
  o Mark dead spots on a blueprint or floor plan
  o Hospital interference sources
     Metal mesh glass
     Elevator shafts
  o Warehouse
     Facility floor plan showing wiring closets
     Forklifts for temporarily placing APs at height during the survey
  o VoIP
     End user roaming requirements
     User specific throughput requirements and AP capacity information
• WEP - Wired Equivalent Privacy
  o Security protocol defined in the original 802.11 standard (and carried into 802.11b)
  o Operates at the Data Link layer (Layer 2) of the OSI model, encrypting the frame body of data frames
  o Uses a 24 bit initialization vector (IV) along with either a 40 bit or 104 bit shared secret (marketed as 64 bit or 128 bit "WEP keys", counting the IV)
  o The IV is sent in the clear in each frame; the RC4 cipher, keyed with IV || secret, produces a keystream that is XORed with the data (and, in shared key authentication, with the challenge). A CRC-32 ICV is appended for integrity.
  o WEP is vulnerable to cracking: the 24 bit IV space is small, so keystreams repeat, and RC4 key-scheduling weaknesses (FMS and later attacks) recover the secret from captured traffic; well known vendor default keys make it worse
  o At best a first line of defense for layered security or defense in depth
  o Not as secure as once believed
  o Default authentication method - Open System Authentication
• AES
  o Advanced Encryption Standard; supports 128, 192 and 256 bit keys. 802.11i (WPA2) uses AES with a 128 bit key in CCMP mode
  o Extremely robust and considered by many to be "unbreakable"; it replaces RC4 rather than patching it
  o Keys still have to be stored on the client, so physical theft of client hardware can compromise them
  o Defined by 802.11i, ratified in June 2004 (older study material still describes it as an unimplemented draft)
  o Supported by many manufacturers
  o Addresses all the known weaknesses in WEP. The label "WEP2" seen in older material refers to an early, abandoned 802.11i proposal that only lengthened WEP's IV and key, not to AES
  o Rijndael is the algorithm selected by NIST as the Federal Information Processing Standard (FIPS 197) for AES
• MAC filtering
  o Allows only MAC addresses on the filter list to associate
  o Cannot determine if an address is "spoofed" (any sniffer reveals the permitted addresses, and a MAC address is trivially changed)
  o Still considered useful as a first line of defense for layered security or defense in depth
• Emerging security techniques
  o Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) using certificates or tokens
  o RADIUS
  o 802.1X
  o Temporal Key Integrity Protocol (TKIP)
  o Wireless DMZs
• Passive attacks (eavesdropping) - Passive sniffers are almost impossible to detect, because they never transmit. WEPCrack (which recovers WEP keys from captured traffic) is an example.
• Active attacks - Consist of connecting, probing, and reconfiguring the network. NetStumbler (which transmits probe requests) is an example.
• Jamming attacks
  o Intentional RF interference that denies service; unintentional "jamming" comes from improperly configured access points and other ISM or UNII equipment like cordless telephones or cameras
  o Jamming and interference have a lesser effect on spread spectrum communication than on narrow band communication.
• Man-in-the-middle attacks - Use an access point and a bridge (a rogue AP offering a stronger signal) to intercept and relay traffic, either recording or modifying it.
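The WEP items above (24-bit IV in the clear, RC4 keyed with IV plus secret, CRC ICV) and the shared key challenge/response under Authentication describe the two weaknesses a practitioner should be able to reproduce. The following is an added example, not code from the study sheet: a minimal WEP implementation, then the shared key exchange as the AP checks it and as an eavesdropper abuses it, and an IV-reuse leak. The secret, IVs, challenges and plaintexts are constructed values; nothing here is captured traffic.

```python
"""Added example (not part of the study sheet): a minimal WEP implementation
(RC4 keyed with IV || secret, CRC-32 ICV) used to show two weaknesses the notes
describe: shared key authentication leaks a keystream that lets an eavesdropper
authenticate without the key, and IV reuse leaks the XOR of two plaintexts.
All keys, IVs and challenges are constructed values; nothing here is captured."""
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4: key-scheduling (KSA) then pseudo-random generation (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body: IV (3 bytes, clear) || RC4(IV||secret) XOR (plaintext || ICV)."""
    assert len(iv) == 3 and len(secret) in (5, 13)   # 40- or 104-bit secret
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4_keystream(iv + secret, len(body)))


def wep_decrypt(secret: bytes, frame: bytes):
    """Return the plaintext, or None if the ICV does not verify."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4_keystream(iv + secret, len(ct)))
    pt, tag = body[:-4], body[-4:]
    return pt if icv(pt) == tag else None


# --- shared key authentication (challenge / response) ----------------------
def ap_verifies(secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Frame 4 check: the AP decrypts frame 3 and compares it to its challenge.
    WEP has no IV freshness requirement, so a reused IV is accepted."""
    return wep_decrypt(secret, response) == challenge


def eavesdrop_keystream(challenge: bytes, response: bytes):
    """Attacker: frame 2 (clear challenge) XOR frame 3 (encrypted challenge||ICV)
    yields the RC4 keystream for that IV, 132 bytes long, without the secret."""
    iv, ct = response[:3], response[3:]
    return iv, xor(ct, challenge + icv(challenge))


def forge_response(iv: bytes, keystream: bytes, new_challenge: bytes) -> bytes:
    """Attacker answers a fresh challenge by reusing the recovered IV/keystream."""
    body = new_challenge + icv(new_challenge)
    return iv + xor(body, keystream[:len(body)])


def shared_key_bypass_works(secret: bytes) -> bool:
    """Full sequence: legitimate exchange observed, then the attacker authenticates."""
    iv = b"\x01\x02\x03"                         # constructed IV chosen by the station
    challenge1 = bytes(range(128))               # constructed 128-byte AP challenge
    legit = wep_encrypt(secret, iv, challenge1)  # legitimate station's frame 3
    assert ap_verifies(secret, challenge1, legit)
    seen_iv, ks = eavesdrop_keystream(challenge1, legit)
    challenge2 = bytes(range(127, -1, -1))       # a different challenge sent to the attacker
    forged = forge_response(seen_iv, ks, challenge2)
    return ap_verifies(secret, challenge2, forged)


# --- IV reuse -------------------------------------------------------------
def iv_reuse_leak(secret: bytes, iv: bytes, p1: bytes, p2: bytes) -> bytes:
    """With the same IV the keystream repeats, so C1 XOR C2 == P1 XOR P2
    (plus ICVs): an attacker learns plaintext relations without the key."""
    c1 = wep_encrypt(secret, iv, p1)[3:]
    c2 = wep_encrypt(secret, iv, p2)[3:]
    return xor(c1, c2)
```

`shared_key_bypass_works()` returns True for any valid secret, which is why the notes' "open system is the default" is actually the safer WEP setting: shared key authentication hands every listener a 132-byte keystream for a known IV. The same keystream recovery is also what makes hiding the IV impossible to fix without replacing the cipher, which is what 802.11i did.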
• WEP key solutions
  o Rotating keys
  o Dynamic (per-session) keys
  o Separate keys for data and management
• Wireless VPN - Most operating systems support PPTP; Windows 2000 and XP support IPSec
• Key hopping - Changing keys on a predetermined schedule.
• Wireless gateways - Authenticate connections using RADIUS, much like RAS
  o An enterprise wireless gateway is a device that provides specialized authentication and connectivity for wireless clients.
• 802.1X and EAP - Add back end authentication options such as certificates, tokens, etc.
• Securing sensitive information
  o SSIDs should not convey or imply anything having to do with the company
  o ALL transmitted data should be encrypted (using not just WEP!)
  o Access controls should be in place to prevent access to data by unauthorized parties
• Physical security
  o Access points and antennas should be secured from theft.
  o Client devices should be the responsibility of the user, with appropriate policies in place to discourage carelessness
• Inventory and audits - Implement a regular schedule to detect missing or rogue equipment
• Public networks - Users may access the corporate network from public hotspots. No unencrypted data or clear-text authentication protocols (Telnet, FTP, POP3, et al.) should be permitted. Personal firewalls and antivirus software must be in place and up to date
• Cell sizing - Reduce power at the access point to minimize the coverage area extending beyond the LAN's physical boundaries
• Monitoring - Intrusion Detection Systems (IDS) to detect unauthorized access or probes
• User authentication - Roll out RADIUS or TACACS+ to authenticate the user before permitting access to the network
• Wireless DMZ - Access points on an isolated subnet should not have to pass broadcasts from the internal network. PPTP or IPSec can be used to secure a VPN from the wireless DMZ into the internal network, so that all data is encrypted
• FCC - Federal Communications Commission
  o Regulates the radiation (emission) ratings of equipment
  o Makes and enforces the regulations in the United States regarding communications
  o Required (before 8/31/2000) that 2.4 GHz FHSS equipment use at least 75 hopping frequencies
• IEEE - Institute of Electrical and Electronics Engineers - Sets standards for interoperability (the 802.11 family for WLANs). Its power limits are usually more restrictive than FCC regulations
• WECA - Wireless Ethernet Compatibility Alliance (now the Wi-Fi Alliance)
  o A vendor sponsored group that tests and certifies equipment to be interoperable under the 802.11 specifications.
  o The Wi-Fi brand and certification program for Wireless LAN products is developed and managed by this group
• WLANA - Wireless LAN Association
  o Educational trade association for the wireless industry
  o Industry sponsored group that provides information and education on wireless networking
• IrDA - Infrared Data Association - An industry group for infrared communications. Most devices using infrared for small data transfers (PDAs, laptops, etc.) use IrDA equipment instead of 802.11
  o Uses infrared light, which cannot pass through walls but can be reflected by them.
  o Usually requires line of sight.
  o Maximum throughput is 4 Mbps
• ETSI - European Telecommunications Standards Institute - comparable to the IEEE in that it handles communications standards in Europe
• FCC power limits
  o Point to Multipoint in both the 2.4 GHz ISM and 5 GHz upper UNII bands is limited to 4 Watts EIRP and 1 Watt at the IR
  o Point to Point in 2.4 GHz uses a sliding scale that lets IR power be reduced by less than the antenna gain is increased: for every 3 dBi of antenna gain above 6 dBi, the IR must drop only 1 dB (47 CFR 15.247), so EIRP may exceed 4 Watts
• Physical Carrier Sense functions by checking signal strength (RSSI / clear channel assessment)
• Virtual Carrier Sense is implemented through the NAV, set by the duration field in RTS/CTS (and other) frames
• Return loss - An impedance mismatch between devices in the RF system reflects power back toward the transmitter; it is measured as return loss (and as VSWR) in an RF transmission system
• Order of operations: authentication first, then association
• RADIUS - Remote Authentication Dial-In User Service
  o RADIUS authentication can verify against a native RADIUS user database, LDAP, NDS, or Active Directory
• Pine trees are the easiest for RF to penetrate. Maple trees are the most difficult for RF to penetrate.
• The 2.4 GHz ISM band is 2.4000 GHz to 2.5000 GHz, with 2.4000 GHz to 2.4835 GHz used by ISM WLANs
• The 5 GHz UNII spectrum is 3 different 100 MHz bands known as lower, middle and upper. Within each are four non-overlapping 20 MHz OFDM channels with center frequencies 20 MHz apart (not DSSS, and not 5 MHz spacing; 5 MHz spacing is the 2.4 GHz DSSS channel plan).
• Corporate security policy should cover items such as
  o Cell/sector size
  o Strong passwords
  o Strong WEP keys (or, better, WPA/WPA2)
  o Physical security
  o Use of advanced security solutions
  o Regular WLAN inventories
• Corporate policy meetings should include
  o Security risks and audits
  o Government regulations
  o User productivity impact
• Valid ratings of computer radiation emission in the US (FCC Part 15)
  o Class B - least interference (residential)
  o Class A (commercial/industrial)
• SWAP (Shared Wireless Access Protocol, HomeRF)
  o Operates in the 2400 MHz band
  o FHSS at 50 hops per second
• Interframe Space
  o DIFS - Used by stations contending for the medium in DCF mode; longer than SIFS and PIFS, so contention traffic yields to ACKs and to PCF polling
  o EIFS - Extended Interframe Space, used in 802.11 DCF mode when the acknowledgement frame is not received (or a frame is received in error) by the transmitter of the previous unicast data frame; the longest of the interframe spaces
  o PIFS - Used by the AP during the Point Coordination Function (contention free period)
• RF signal attenuation - the loss of signal amplitude as the RF wavefront propagates through space and naturally expands
• Free-space path loss - the RF signal amplitude degradation as the propagated wave moves through space; it grows by 6 dB each time the distance doubles
• When determining the link budget for a long-distance point-to-point wireless LAN link, consider
  o Antenna gain (both ends)
  o Transmitter power
  o Cable and connector loss
  o Free space path loss
  o Receiver sensitivity
• WLAN splitters - insertion loss on wireless LAN splitters is measured in dB
• dBi and dB are measurements of relative power; dBm and mW are calculable (absolute) power quantities
• WLAN calculations - converting dBm to milliwatts and back
• Required to establish a high quality 2.4 GHz point-to-point RF link at a distance of 5 miles
  o Accurate link budget calculations
  o A Fresnel Zone that is at least 60% clear of obstructions
• Factors that affect the propagation distance of an RF signal
  o Antenna gain
  o Fresnel zone blockage
• Fade margin - the amount of received signal strength above the receiver's sensitivity threshold in the link budget, kept as a reserve against fading (typically 10 to 20 dB)
• DFS - Dynamic Frequency Selection (5 GHz radios change channel to avoid radar)
• Factors affecting the application layer throughput of an 802.11g client on an 802.11g wireless LAN
  o Number of simultaneous 802.11g clients using the same access point
  o Use of a VPN tunnel across the wireless LAN by the 802.11g client (encapsulation overhead)
  o Association of an 802.11b client to the same 802.11g access point (protection mechanism and slower rates)
• Calculable power quantities
  o dBm
  o mW
• Most common mount type for installing a WLAN antenna on a mast (pole) outdoors
  o U-bolt base clamp
• Wireless mesh router
  o Can be implemented as part of the core or access network layers in an enterprise installation
• Time synchronization
  o When receiving beacon frames, stations check and correct their clocks using the timestamp included in the frames (TSF)
• Active scanning in a BSS
  o Stations broadcast probe request frames on all channels
  o Nearby APs respond with probe response frames
  o Stations record the information found in the probe response frames for use in the association process
• Site survey software vs. manual
  o Software makes it easier to update AP information and locations and takes less time
  o Software can
     Analyze sources of RF interference and noise
     Emulate the client experience to measure connection speed, retry rate and frame loss
     Verify the possible optimal AP locations
• FAT/thick (full featured) vs. thin APs - advantages of thin APs in an enterprise environment
  o In case of theft, a thin AP contains no usable configuration information
  o Thin APs reduce cost due to a minimal hardware configuration and a central point of management
• What prevents an 802.11g client from roaming seamlessly between 2 APs in the same network
  o The new AP fails to receive the client's session key as part of reassociation
  o A role based profile on the WLAN switch prevents the client from using certain APs
• Hijacking
  o Can be done with a software AP, a narrowband RF jamming device and a DHCP server application (jam the legitimate channel, offer a stronger copy of the SSID, hand out addresses to the clients that reassociate)
• WIPS - Wireless Intrusion Prevention System does not recognize
  o Eavesdropping (a passive sniffer never transmits)
  o 802.11 FHSS rogue APs (sensor radios demodulate DSSS/OFDM only)
• WEP, WPA, WPA2
  o WEP - RC4 with static keys; open system or shared key authentication
  o WPA - 802.1X/EAP (or pre-shared key) authentication with TKIP/RC4 encryption
  o WPA2 - 802.1X/EAP (or pre-shared key) authentication with CCMP/AES encryption (TKIP optional for compatibility)
• WPA/WPA2 Enterprise certification includes
  o EAP-TTLS
  o PEAPv0/EAP-MSCHAPv2
  o EAP-TLS
  o PEAPv1/EAP-GTC
• Least RF signal loss - wood studded drywall
• Cables and connectors
  o Cable quality affects the amount of VSWR and return loss in the signal path
  o Two similar connectors from different companies may vary in specifications
• Even with no RF interference, you still have
  o Frame fragmentation (overhead)
  o Distance from the AP (rate shifting)
• 802.11a/g client utilities
  o Authentication/encryption configuration tool
  o Connection speed indicator
  o Link statistics monitor
• Smaller frame sizes result in greater throughput in a high RF interference environment (a corrupted fragment costs less to retransmit)
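The dBm/mW conversions, EIRP and intentional radiator definitions, FCC power limits, free-space path loss, Fresnel zone clearance, earth bulge, link budget and fade margin items throughout these notes are one calculation chain. The following is an added example, not code from the study sheet: it carries that chain through for a constructed 5 mile, 2.4 GHz point-to-point link. The formulas are the standard ones (FSPL in dB, first Fresnel zone radius at the path midpoint, D^2/8 earth bulge); the limits are the 1 W IR / 4 W EIRP point-to-multipoint figures quoted in the notes plus the 47 CFR 15.247 point-to-point rule (IR power drops 1 dB for every 3 dBi of antenna gain above 6 dBi). The equipment values (20 dBm radio, 24 dBi grid antennas, 3 dB of cable and connector loss per end, -85 dBm receiver sensitivity) are assumptions for the example.

```python
"""Added example (not part of the study sheet): power, EIRP, FCC limit, free-space
path loss, Fresnel clearance, earth bulge and fade margin arithmetic for a
constructed 5 mile 2.4 GHz point-to-point link.  Equipment figures are assumed."""
import math

MILE_KM = 1.609344


def mw_to_dbm(mw: float) -> float:
    """P(dBm) = 10 * log10(P(mW))."""
    return 10 * math.log10(mw)


def dbm_to_mw(dbm: float) -> float:
    """P(mW) = 10 ^ (P(dBm) / 10)."""
    return 10 ** (dbm / 10)


def eirp_dbm(ir_dbm: float, antenna_gain_dbi: float) -> float:
    """IR power (measured at the antenna connector, i.e. after cable loss) plus gain."""
    return ir_dbm + antenna_gain_dbi


def fcc_ok_2g4(ir_dbm: float, antenna_gain_dbi: float, point_to_point: bool) -> bool:
    """47 CFR 15.247 check for 2.4 GHz.
    PtMP: no more than 30 dBm (1 W) at the IR and 36 dBm (4 W) EIRP.
    PtP: the IR limit drops 1 dB for every 3 dBi of antenna gain above 6 dBi,
    so EIRP may exceed 4 W on a point-to-point link."""
    ir_limit = 30.0
    if point_to_point:
        if antenna_gain_dbi > 6:
            ir_limit -= (antenna_gain_dbi - 6) / 3
        return ir_dbm <= ir_limit
    return ir_dbm <= ir_limit and eirp_dbm(ir_dbm, antenna_gain_dbi) <= 36.0


def fspl_db(distance_km: float, freq_mhz: float) -> float:
    """Free-space path loss: 32.44 + 20 log10(d_km) + 20 log10(f_MHz)."""
    return 32.44 + 20 * math.log10(distance_km) + 20 * math.log10(freq_mhz)


def fresnel_radius_m(distance_km: float, freq_ghz: float, clearance: float = 0.6) -> float:
    """First Fresnel zone radius at the path midpoint, 17.32 * sqrt(d / (4 f)),
    scaled to the clearance fraction the notes require (60%)."""
    return clearance * 17.32 * math.sqrt(distance_km / (4 * freq_ghz))


def earth_bulge_ft(distance_miles: float) -> float:
    """Height of the earth's curvature at the path midpoint: D^2 / 8 (miles -> feet)."""
    return distance_miles ** 2 / 8


def link_budget(radio_dbm, cable_loss_db, ant_gain_dbi, distance_km, freq_mhz, rx_sensitivity_dbm):
    """Symmetric link (same radio, cable and antenna at both ends).
    Returns (EIRP dBm, received signal dBm, fade margin dB)."""
    ir = radio_dbm - cable_loss_db                     # power at the antenna connector
    eirp = eirp_dbm(ir, ant_gain_dbi)
    rx = eirp - fspl_db(distance_km, freq_mhz) + ant_gain_dbi - cable_loss_db
    return eirp, rx, rx - rx_sensitivity_dbm


def demo_5_mile_link() -> dict:
    """Constructed example values; returns the figures a survey report would list."""
    radio, cable, gain, freq = 20.0, 3.0, 24.0, 2437.0   # assumed bridge kit, channel 6
    d_km = 5 * MILE_KM
    eirp, rx, margin = link_budget(radio, cable, gain, d_km, freq, -85.0)
    ir = radio - cable
    return {
        "ir_dbm": ir,
        "eirp_dbm": round(eirp, 1),
        "eirp_w": round(dbm_to_mw(eirp) / 1000, 2),
        "fspl_db": round(fspl_db(d_km, freq), 1),
        "rx_dbm": round(rx, 1),
        "fade_margin_db": round(margin, 1),
        "fresnel_60pct_m": round(fresnel_radius_m(d_km, freq / 1000), 1),
        "earth_bulge_ft": round(earth_bulge_ft(5), 1),
        "fcc_ptp_ok": fcc_ok_2g4(ir, gain, point_to_point=True),
        "fcc_ptmp_ok": fcc_ok_2g4(ir, gain, point_to_point=False),
    }
```

For the assumed kit the link radiates about 12.6 W EIRP, which is legal only as a point-to-point link (the 4 W point-to-multipoint limit is exceeded), clears the path with roughly 29 dB of fade margin over -85 dBm sensitivity, and needs about 9.4 m of obstruction-free radius at mid-path for 60% Fresnel clearance. Earth bulge at 5 miles is only about 3 ft, and at the notes' 7 mile threshold about 6 ft, which is why it starts to matter for antenna height on longer paths.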
Disclaimer: These Study Guides by Erica St. John are designed to help readers obtain information and education on products and/or services to help them study. There are no warranties implied. These guides are meant to help you learn and understand. If they help you to pass the exam, that’s great. You should note, however, that this guide is not updated to reflect every change that has been made to the exams in terms of topics and depth of knowledge required. Things like that can, do, and almost certainly will change. I have written these Study Guides from notes I have gathered while studying for various certifications. The fundamental concept is that you should NOT rely solely upon the information or opinions you read. Rather, you should use what you read as a starting point for doing independent research on computers, hardware, wireless, security, networking and the like. Then judge for yourself the merits of the material that has been shared. You should carefully consider whether this material is appropriate for you in light of your experience, objectives, resources and other circumstances. These documents and their information are provided for guidance and information purposes only. The information contained herein has been compiled from sources deemed reliable and it is accurate to the best of my knowledge and belief; however, these documents cannot guarantee accuracy, completeness and validity and cannot be held liable for any errors, out-of-date information or omissions. All information contained herein should be independently verified and confirmed. Erica St. John does not accept any liability for any loss or damage whatsoever caused in reliance upon such information. Reader agrees to indemnify and hold harmless Erica St. John (Girl Geekette and/or Girlgeekette.net) from and against any damages, costs and expenses, including any legal fees, potentially resulting from the application of any of the information provided by these Study Guides.
This disclaimer applies to any damages or injury caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft or destruction or unauthorized access to, or use of, records, whether for breach of contract, tort, negligence, or under any other cause of action. Reader agrees to assume all risk resulting from the application of any of the information provided by these Study Guides. By reading and/or studying these documents and the content contained therein, the reader agrees that the use of these Study Guides and the information in them is entirely at his/her own risk.
Terms of Use: You MAY use these resources in your personal studies. You may NOT claim these resources as your own. You may NOT re-package or re-distribute this resource without written permission. No derivatives.
Erica St. John
http://www.girlgeekette.net
erica.stjohn@gmail.com
ESN ID 20401-060606-121147-91
